samba - May 2015 - Import idmap database error on classicupgrade process

>
> Then why can the upgrade not contact the ldap server ?
I dont know! :(

Was ldap running on another computer before ?

I installed a temporary openLDAP backend on the new host.

Can you post the smb.conf from the old PDC ? the one you are trying
to
> upgrade from.
I sent my smb.conf to your private e-mail.

On Thu, May 21, 2015 at 3:08 PM, Rowland Penny <rowlandpenny at
googlemail.com>
wrote:
> On 21/05/15 18:46, Elias Pereira wrote:
>
>> Is ldap running on the computer you are trying to run the
classicupgrade
>>> on?
>>>
>>
>> Yes.
>>
>
> Then why can the upgrade not contact the ldap server ?
>
> Was ldap running on another computer before ?
>
> Can you post the smb.conf from the old PDC ? the one you are trying to
> upgrade from.
>
> Rowland
>
>  I need to modify other files too?
>>
>> On Thu, May 21, 2015 at 2:39 PM, Rowland Penny <
>> rowlandpenny at googlemail.com>
>> wrote:
>>
>>  On 21/05/15 18:22, Elias Pereira wrote:
>>>
>>>  Ok. I uncomment that line and put:
>>>>
>>>> passdb backend   = ldapsam:ldap://127.0.0.1
>>>>
>>>>  Is ldap running on the computer you are trying to run the
>>> classicupgrade
>>> on ?
>>>
>>> It needs to connect to the ldap server, so if the ldap server is
running
>>> on another computer, you need to use either the FQDN of that
computer or
>>> its ipaddress.
>>>
>>> Rowland
>>>
>>>
>>>
>>>
>>>  Error message:
>>>>
>>>>
>>>> Provisioning
>>>>
>>>>  smbldap_search_domain_info: Searching
>>>>>
for:[(&(objectClass=sambaDomain)(sambaDomainName=EMPRESA))]
>>>>> smbldap_open_connection: connection opened
>>>>> failed to bind to server ldap://127.0.0.1 with
>>>>> dn="cn=Manager,dc=empresa,dc=com" Error: Invalid
credentials
>>>>> (unknown)
>>>>>
>>>>>
>>>> On Thu, May 21, 2015 at 1:53 PM, Rowland Penny <
>>>> rowlandpenny at googlemail.com>
>>>> wrote:
>>>>
>>>>   On 21/05/15 17:28, Elias Pereira wrote:
>>>>
>>>>>   You're right, man! Sorry! My mistake!
>>>>>
>>>>>> I put that file because I read in somewhere about the
persistent and
>>>>>> temporary files regarding .tdb files. The
winbindd_idamp.tbm was on
>>>>>> that
>>>>>> list, and I think that's why I left it in the
folder. :D
>>>>>>
>>>>>> Another doubt. For the provisioning starts, I had to
comment out the
>>>>>> line
>>>>>> referring to the ldap backend in the smb.conf of
samba3.
>>>>>>
>>>>>> # passdb backend   = ldapsam:ldap://empresa.com
>>>>>>
>>>>>> This can affect the provisioning?
>>>>>>
>>>>>>   Possibly, without that line I don't think it will
contact the ldap
>>>>>>
>>>>> server,
>>>>> but 'ldap://empresa.com' doesn't look right, I
would expect something
>>>>> like 'ldap://ldapdc.empresa.com'  or
'ldap://127.0.0.1' i.e a
>>>>> resolvable
>>>>> dns address.
>>>>>
>>>>> Rowland
>>>>>
>>>>>
>>>>>   On Thu, May 21, 2015 at 12:48 PM, Rowland Penny <
>>>>>
>>>>>> rowlandpenny at googlemail.com
>>>>>>
>>>>>>   wrote:
>>>>>>
>>>>>>> On 21/05/15 16:31, Elias Pereira wrote:
>>>>>>>
>>>>>>>    I copied all the database files of samba3 as is
mentioned in the
>>>>>>> wiki -
>>>>>>>
>>>>>>>  The
>>>>>>>> classicupgrade process
>>>>>>>> <
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>>
https://wiki.samba.org/index.php/Samba_Classic_Upgrade_(NT4-style_domain_to_AD)#The_classicupgrade_process
>>>>>>>>
>>>>>>>> But if the winbindd_idmap.tdb file is in the
folder, the errors
>>>>>>>> occur.
>>>>>>>> See
>>>>>>>> below:
>>>>>>>>
>>>>>>>> Importing idmap database
>>>>>>>>
>>>>>>>>    ERROR(assert): uncaught exception
>>>>>>>>
>>>>>>>>        File
>>>>>>>>>
"/opt/samba/lib/python2.7/site-packages/samba/netcmd/__init__.py",
>>>>>>>>> line 175, in _run
>>>>>>>>>         return self.run(*args, **kwargs)
>>>>>>>>>       File
>>>>>>>>>
"/opt/samba/lib/python2.7/site-packages/samba/netcmd/domain.py",
>>>>>>>>> line 1452, in run
>>>>>>>>>         useeadb=eadb,
dns_backend=dns_backend, use_ntvfs=use_ntvfs)
>>>>>>>>>       File
>>>>>>>>>
"/opt/samba/lib/python2.7/site-packages/samba/upgrade.py",
>>>>>>>>> line
>>>>>>>>> 749, in upgrade_from_samba3
>>>>>>>>>         import_idmap(result.idmap, samba3,
logger)
>>>>>>>>>       File
>>>>>>>>>
"/opt/samba/lib/python2.7/site-packages/samba/upgrade.py",
>>>>>>>>> line
>>>>>>>>> 215, in import_idmap
>>>>>>>>>         samba3_idmap =
samba3.get_idmap_db()
>>>>>>>>>       File
>>>>>>>>>
"/opt/samba/lib/python2.7/site-packages/samba/samba3/__init__.py",
>>>>>>>>> line 406, in get_idmap_db
>>>>>>>>>         return
IdmapDatabase(self.statedir_path("winbindd_idmap"))
>>>>>>>>>       File
>>>>>>>>>
"/opt/samba/lib/python2.7/site-packages/samba/samba3/__init__.py",
>>>>>>>>> line 63, in __init__
>>>>>>>>>         self._check_version()
>>>>>>>>>       File
>>>>>>>>>
"/opt/samba/lib/python2.7/site-packages/samba/samba3/__init__.py",
>>>>>>>>> line 146, in _check_version
>>>>>>>>>         assert fetch_int32(self.db,
"IDMAP_VERSION\0") =>>>>>>>>>
IDMAP_VERSION_V2
>>>>>>>>>
>>>>>>>>>    If I remove/delete the file, the
provisioning continues and
>>>>>>>>> tells
>>>>>>>>> me
>>>>>>>>>
>>>>>>>>>  he
>>>>>>>> did
>>>>>>>> not find the file: *Can not open database
idmap, Ignoring: [Errno 2]
>>>>>>>> No
>>>>>>>> such file or directory*
>>>>>>>>
>>>>>>>> Can I still provisioning without the file?
There is the possibility
>>>>>>>> of
>>>>>>>> post-migration issues regarding lack of this
file?
>>>>>>>>
>>>>>>>>
>>>>>>>>    Hi, on the wiki page, it tells you to copy:
>>>>>>>>
>>>>>>>>  secrets.tdb
>>>>>>> schannel_store.tdb
>>>>>>> passdb.tdb
>>>>>>> gencache_notrans.tdb
>>>>>>> group_mapping.tdb
>>>>>>> account_policy.tdb
>>>>>>>
>>>>>>> It does not mention 'winbindd_idmap.tdb'.
>>>>>>>
>>>>>>> So why are you including it ?
>>>>>>>
>>>>>>> Rowland
>>>>>>> --
>>>>>>> To unsubscribe from this list go to the following
URL and read the
>>>>>>> instructions: 
https://lists.samba.org/mailman/options/samba
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>    --
>>>>>>
>>>>> To unsubscribe from this list go to the following URL and
read the
>>>>> instructions: 
https://lists.samba.org/mailman/options/samba
>>>>>
>>>>>
>>>>>
>>>>  --
>>> To unsubscribe from this list go to the following URL and read the
>>> instructions:  https://lists.samba.org/mailman/options/samba
>>>
>>>
>>
>>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba
>


-- 
Elias Pereira

2015-05-21 20:24 GMT+02:00 Elias Pereira <empbilly at gmail.com>:
> >
> > Then why can the upgrade not contact the ldap server ?
>
> I dont know! :(
>
> Was ldap running on another computer before ?
>
> I installed a temporary openLDAP backend on the new host.
>
> Can you post the smb.conf from the old PDC ? the one you are trying to
> > upgrade from.
>
> I sent my smb.conf to your private e-mail.
>
> On Thu, May 21, 2015 at 3:08 PM, Rowland Penny <
> rowlandpenny at googlemail.com>
> wrote:
>
> > On 21/05/15 18:46, Elias Pereira wrote:
> >
> >> Is ldap running on the computer you are trying to run the
classicupgrade
> >>> on?
> >>>
> >>
> >> Yes.
> >>
> >
> > Then why can the upgrade not contact the ldap server ?
> >
> > Was ldap running on another computer before ?
> >
> > Can you post the smb.conf from the old PDC ? the one you are trying to
> > upgrade from.
> >
> > Rowland
> >
> >  I need to modify other files too?
> >>
> >> On Thu, May 21, 2015 at 2:39 PM, Rowland Penny <
> >> rowlandpenny at googlemail.com>
> >> wrote:
> >>
> >>  On 21/05/15 18:22, Elias Pereira wrote:
> >>>
> >>>  Ok. I uncomment that line and put:
> >>>>
> >>>> passdb backend   = ldapsam:ldap://127.0.0.1
> >>>>
> >>>>  Is ldap running on the computer you are trying to run the
> >>> classicupgrade
> >>> on ?
> >>>
> >>> It needs to connect to the ldap server, so if the ldap server
is
> running
> >>> on another computer, you need to use either the FQDN of that
computer
> or
> >>> its ipaddress.
> >>>
> >>> Rowland
> >>>
> >>>
> >>>
> >>>
> >>>  Error message:
> >>>>
> >>>>
> >>>> Provisioning
> >>>>
> >>>>  smbldap_search_domain_info: Searching
> >>>>>
for:[(&(objectClass=sambaDomain)(sambaDomainName=EMPRESA))]
> >>>>> smbldap_open_connection: connection opened
> >>>>> failed to bind to server ldap://127.0.0.1 with
> >>>>> dn="cn=Manager,dc=empresa,dc=com" Error:
Invalid credentials
> >>>>> (unknown)
> >>>>>
> >>>>>
> >>>> On Thu, May 21, 2015 at 1:53 PM, Rowland Penny <
> >>>> rowlandpenny at googlemail.com>
> >>>> wrote:
> >>>>
> >>>>   On 21/05/15 17:28, Elias Pereira wrote:
> >>>>
> >>>>>   You're right, man! Sorry! My mistake!
> >>>>>
> >>>>>> I put that file because I read in somewhere about
the persistent and
> >>>>>> temporary files regarding .tdb files. The
winbindd_idamp.tbm was on
> >>>>>> that
> >>>>>> list, and I think that's why I left it in the
folder. :D
> >>>>>>
> >>>>>> Another doubt. For the provisioning starts, I had
to comment out the
> >>>>>> line
> >>>>>> referring to the ldap backend in the smb.conf of
samba3.
> >>>>>>
> >>>>>> # passdb backend   = ldapsam:ldap://empresa.com
> >>>>>>
> >>>>>> This can affect the provisioning?
> >>>>>>
> >>>>>>   Possibly, without that line I don't think it
will contact the ldap
> >>>>>>
> >>>>> server,
> >>>>> but 'ldap://empresa.com' doesn't look
right, I would expect
> something
> >>>>> like 'ldap://ldapdc.empresa.com'  or
'ldap://127.0.0.1' i.e a
> >>>>> resolvable
> >>>>> dns address.
> >>>>>
> >>>>> Rowland
> >>>>>
> >>>>>
> >>>>>   On Thu, May 21, 2015 at 12:48 PM, Rowland Penny <
> >>>>>
> >>>>>> rowlandpenny at googlemail.com
> >>>>>>
> >>>>>>   wrote:
> >>>>>>
> >>>>>>> On 21/05/15 16:31, Elias Pereira wrote:
> >>>>>>>
> >>>>>>>    I copied all the database files of samba3
as is mentioned in the
> >>>>>>> wiki -
> >>>>>>>
> >>>>>>>  The
> >>>>>>>> classicupgrade process
> >>>>>>>> <
> >>>>>>>>
> >>>>>>>>
> >>>>>>>>
> >>>>>>>>
>
https://wiki.samba.org/index.php/Samba_Classic_Upgrade_(NT4-style_domain_to_AD)#The_classicupgrade_process
> >>>>>>>>
> >>>>>>>> But if the winbindd_idmap.tdb file is in
the folder, the errors
> >>>>>>>> occur.
> >>>>>>>> See
> >>>>>>>> below:
> >>>>>>>>
> >>>>>>>> Importing idmap database
> >>>>>>>>
> >>>>>>>>    ERROR(assert): uncaught exception
> >>>>>>>>
> >>>>>>>>        File
> >>>>>>>>>
>
"/opt/samba/lib/python2.7/site-packages/samba/netcmd/__init__.py",
> >>>>>>>>> line 175, in _run
> >>>>>>>>>         return self.run(*args,
**kwargs)
> >>>>>>>>>       File
> >>>>>>>>>
"/opt/samba/lib/python2.7/site-packages/samba/netcmd/domain.py",
> >>>>>>>>> line 1452, in run
> >>>>>>>>>         useeadb=eadb,
dns_backend=dns_backend,
> use_ntvfs=use_ntvfs)
> >>>>>>>>>       File
> >>>>>>>>>
"/opt/samba/lib/python2.7/site-packages/samba/upgrade.py",
> >>>>>>>>> line
> >>>>>>>>> 749, in upgrade_from_samba3
> >>>>>>>>>         import_idmap(result.idmap,
samba3, logger)
> >>>>>>>>>       File
> >>>>>>>>>
"/opt/samba/lib/python2.7/site-packages/samba/upgrade.py",
> >>>>>>>>> line
> >>>>>>>>> 215, in import_idmap
> >>>>>>>>>         samba3_idmap =
samba3.get_idmap_db()
> >>>>>>>>>       File
> >>>>>>>>>
>
"/opt/samba/lib/python2.7/site-packages/samba/samba3/__init__.py",
> >>>>>>>>> line 406, in get_idmap_db
> >>>>>>>>>         return
> IdmapDatabase(self.statedir_path("winbindd_idmap"))
> >>>>>>>>>       File
> >>>>>>>>>
>
"/opt/samba/lib/python2.7/site-packages/samba/samba3/__init__.py",
> >>>>>>>>> line 63, in __init__
> >>>>>>>>>         self._check_version()
> >>>>>>>>>       File
> >>>>>>>>>
>
"/opt/samba/lib/python2.7/site-packages/samba/samba3/__init__.py",
> >>>>>>>>> line 146, in _check_version
> >>>>>>>>>         assert fetch_int32(self.db,
"IDMAP_VERSION\0") => >>>>>>>>>
IDMAP_VERSION_V2
> >>>>>>>>>
> >>>>>>>>>    If I remove/delete the file, the
provisioning continues and
> >>>>>>>>> tells
> >>>>>>>>> me
> >>>>>>>>>
> >>>>>>>>>  he
> >>>>>>>> did
> >>>>>>>> not find the file: *Can not open database
idmap, Ignoring: [Errno
> 2]
> >>>>>>>> No
> >>>>>>>> such file or directory*
> >>>>>>>>
> >>>>>>>> Can I still provisioning without the file?
There is the
> possibility
> >>>>>>>> of
> >>>>>>>> post-migration issues regarding lack of
this file?
> >>>>>>>>
> >>>>>>>>
> >>>>>>>>    Hi, on the wiki page, it tells you to
copy:
> >>>>>>>>
> >>>>>>>>  secrets.tdb
> >>>>>>> schannel_store.tdb
> >>>>>>> passdb.tdb
> >>>>>>> gencache_notrans.tdb
> >>>>>>> group_mapping.tdb
> >>>>>>> account_policy.tdb
> >>>>>>>
> >>>>>>> It does not mention
'winbindd_idmap.tdb'.
> >>>>>>>
> >>>>>>> So why are you including it ?
> >>>>>>>
> >>>>>>> Rowland
> >>>>>>> --
> >>>>>>> To unsubscribe from this list go to the
following URL and read the
> >>>>>>> instructions: 
https://lists.samba.org/mailman/options/samba
> >>>>>>>
> >>>>>>>
> >>>>>>>
> >>>>>>>    --
> >>>>>>
> >>>>> To unsubscribe from this list go to the following URL
and read the
> >>>>> instructions: 
https://lists.samba.org/mailman/options/samba
> >>>>>
> >>>>>
> >>>>>
> >>>>  --
> >>> To unsubscribe from this list go to the following URL and read
the
> >>> instructions:  https://lists.samba.org/mailman/options/samba
> >>>
> >>>
> >>
> >>
> > --
> > To unsubscribe from this list go to the following URL and read the
> > instructions:  https://lists.samba.org/mailman/options/samba
> >
>
>
>
> --
> Elias Pereira
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba
>
Some time ago doing some tests i did an upgrade copying all db files, conf
file, and changing the old smb.conf to point to old server instead
localhost. The problem are duplicated groups, you cannot deleted the
duplicated groups on a production server, but if you use virtual machines
you can do a copy on another network to do all tests.

Greetings!!

On 21/05/15 19:24, Elias Pereira wrote:
>> Then why can the upgrade not contact the ldap server ?
> I dont know! :(
>
> Was ldap running on another computer before ?
>
> I installed a temporary openLDAP backend on the new host.
After examining upgrade.py, it would seem that you don't need much of 
your original smb.conf, I am sending you a cut down smb.conf to try.

Have another read of the samba wiki page:

https://wiki.samba.org/index.php/Samba_Classic_Upgrade_%28NT4-style_domain_to_AD%29

Double check that you have done everything that pages suggests and then 
try again with the smb.conf I will send you.

If, as I hope, you are testing this in a VM (or similar) do the testing 
in a terminal where you have logged into the VM as root via ssh. You 
will then be able to cut & paste the output into an email. If you are 
still having problems, send the output direct to me.

Rowland
>
> Can you post the smb.conf from the old PDC ? the one you are trying to
>> upgrade from.
> I sent my smb.conf to your private e-mail.
>
> On Thu, May 21, 2015 at 3:08 PM, Rowland Penny <rowlandpenny at
googlemail.com>
> wrote:
>
>> On 21/05/15 18:46, Elias Pereira wrote:
>>
>>> Is ldap running on the computer you are trying to run the
classicupgrade
>>>> on?
>>>>
>>> Yes.
>>>
>> Then why can the upgrade not contact the ldap server ?
>>
>> Was ldap running on another computer before ?
>>
>> Can you post the smb.conf from the old PDC ? the one you are trying to
>> upgrade from.
>>
>> Rowland
>>
>>   I need to modify other files too?
>>> On Thu, May 21, 2015 at 2:39 PM, Rowland Penny <
>>> rowlandpenny at googlemail.com>
>>> wrote:
>>>
>>>   On 21/05/15 18:22, Elias Pereira wrote:
>>>>   Ok. I uncomment that line and put:
>>>>> passdb backend   = ldapsam:ldap://127.0.0.1
>>>>>
>>>>>   Is ldap running on the computer you are trying to run the
>>>> classicupgrade
>>>> on ?
>>>>
>>>> It needs to connect to the ldap server, so if the ldap server
is running
>>>> on another computer, you need to use either the FQDN of that
computer or
>>>> its ipaddress.
>>>>
>>>> Rowland
>>>>
>>>>
>>>>
>>>>
>>>>   Error message:
>>>>>
>>>>> Provisioning
>>>>>
>>>>>   smbldap_search_domain_info: Searching
>>>>>>
for:[(&(objectClass=sambaDomain)(sambaDomainName=EMPRESA))]
>>>>>> smbldap_open_connection: connection opened
>>>>>> failed to bind to server ldap://127.0.0.1 with
>>>>>> dn="cn=Manager,dc=empresa,dc=com" Error:
Invalid credentials
>>>>>> (unknown)
>>>>>>
>>>>>>
>>>>> On Thu, May 21, 2015 at 1:53 PM, Rowland Penny <
>>>>> rowlandpenny at googlemail.com>
>>>>> wrote:
>>>>>
>>>>>    On 21/05/15 17:28, Elias Pereira wrote:
>>>>>
>>>>>>    You're right, man! Sorry! My mistake!
>>>>>>
>>>>>>> I put that file because I read in somewhere about
the persistent and
>>>>>>> temporary files regarding .tdb files. The
winbindd_idamp.tbm was on
>>>>>>> that
>>>>>>> list, and I think that's why I left it in the
folder. :D
>>>>>>>
>>>>>>> Another doubt. For the provisioning starts, I had
to comment out the
>>>>>>> line
>>>>>>> referring to the ldap backend in the smb.conf of
samba3.
>>>>>>>
>>>>>>> # passdb backend   = ldapsam:ldap://empresa.com
>>>>>>>
>>>>>>> This can affect the provisioning?
>>>>>>>
>>>>>>>    Possibly, without that line I don't think it
will contact the ldap
>>>>>>>
>>>>>> server,
>>>>>> but 'ldap://empresa.com' doesn't look
right, I would expect something
>>>>>> like 'ldap://ldapdc.empresa.com'  or
'ldap://127.0.0.1' i.e a
>>>>>> resolvable
>>>>>> dns address.
>>>>>>
>>>>>> Rowland
>>>>>>
>>>>>>
>>>>>>    On Thu, May 21, 2015 at 12:48 PM, Rowland Penny <
>>>>>>
>>>>>>> rowlandpenny at googlemail.com
>>>>>>>
>>>>>>>    wrote:
>>>>>>>
>>>>>>>> On 21/05/15 16:31, Elias Pereira wrote:
>>>>>>>>
>>>>>>>>     I copied all the database files of samba3
as is mentioned in the
>>>>>>>> wiki -
>>>>>>>>
>>>>>>>>   The
>>>>>>>>> classicupgrade process
>>>>>>>>> <
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
https://wiki.samba.org/index.php/Samba_Classic_Upgrade_(NT4-style_domain_to_AD)#The_classicupgrade_process
>>>>>>>>>
>>>>>>>>> But if the winbindd_idmap.tdb file is in
the folder, the errors
>>>>>>>>> occur.
>>>>>>>>> See
>>>>>>>>> below:
>>>>>>>>>
>>>>>>>>> Importing idmap database
>>>>>>>>>
>>>>>>>>>     ERROR(assert): uncaught exception
>>>>>>>>>
>>>>>>>>>         File
>>>>>>>>>>
"/opt/samba/lib/python2.7/site-packages/samba/netcmd/__init__.py",
>>>>>>>>>> line 175, in _run
>>>>>>>>>>          return self.run(*args,
**kwargs)
>>>>>>>>>>        File
>>>>>>>>>>
"/opt/samba/lib/python2.7/site-packages/samba/netcmd/domain.py",
>>>>>>>>>> line 1452, in run
>>>>>>>>>>          useeadb=eadb,
dns_backend=dns_backend, use_ntvfs=use_ntvfs)
>>>>>>>>>>        File
>>>>>>>>>>
"/opt/samba/lib/python2.7/site-packages/samba/upgrade.py",
>>>>>>>>>> line
>>>>>>>>>> 749, in upgrade_from_samba3
>>>>>>>>>>          import_idmap(result.idmap,
samba3, logger)
>>>>>>>>>>        File
>>>>>>>>>>
"/opt/samba/lib/python2.7/site-packages/samba/upgrade.py",
>>>>>>>>>> line
>>>>>>>>>> 215, in import_idmap
>>>>>>>>>>          samba3_idmap =
samba3.get_idmap_db()
>>>>>>>>>>        File
>>>>>>>>>>
"/opt/samba/lib/python2.7/site-packages/samba/samba3/__init__.py",
>>>>>>>>>> line 406, in get_idmap_db
>>>>>>>>>>          return
IdmapDatabase(self.statedir_path("winbindd_idmap"))
>>>>>>>>>>        File
>>>>>>>>>>
"/opt/samba/lib/python2.7/site-packages/samba/samba3/__init__.py",
>>>>>>>>>> line 63, in __init__
>>>>>>>>>>          self._check_version()
>>>>>>>>>>        File
>>>>>>>>>>
"/opt/samba/lib/python2.7/site-packages/samba/samba3/__init__.py",
>>>>>>>>>> line 146, in _check_version
>>>>>>>>>>          assert fetch_int32(self.db,
"IDMAP_VERSION\0") =>>>>>>>>>>
IDMAP_VERSION_V2
>>>>>>>>>>
>>>>>>>>>>     If I remove/delete the file, the
provisioning continues and
>>>>>>>>>> tells
>>>>>>>>>> me
>>>>>>>>>>
>>>>>>>>>>   he
>>>>>>>>> did
>>>>>>>>> not find the file: *Can not open database
idmap, Ignoring: [Errno 2]
>>>>>>>>> No
>>>>>>>>> such file or directory*
>>>>>>>>>
>>>>>>>>> Can I still provisioning without the file?
There is the possibility
>>>>>>>>> of
>>>>>>>>> post-migration issues regarding lack of
this file?
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>     Hi, on the wiki page, it tells you to
copy:
>>>>>>>>>
>>>>>>>>>   secrets.tdb
>>>>>>>> schannel_store.tdb
>>>>>>>> passdb.tdb
>>>>>>>> gencache_notrans.tdb
>>>>>>>> group_mapping.tdb
>>>>>>>> account_policy.tdb
>>>>>>>>
>>>>>>>> It does not mention
'winbindd_idmap.tdb'.
>>>>>>>>
>>>>>>>> So why are you including it ?
>>>>>>>>
>>>>>>>> Rowland
>>>>>>>> --
>>>>>>>> To unsubscribe from this list go to the
following URL and read the
>>>>>>>> instructions: 
https://lists.samba.org/mailman/options/samba
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>>     --
>>>>>> To unsubscribe from this list go to the following URL
and read the
>>>>>> instructions: 
https://lists.samba.org/mailman/options/samba
>>>>>>
>>>>>>
>>>>>>
>>>>>   --
>>>> To unsubscribe from this list go to the following URL and read
the
>>>> instructions:  https://lists.samba.org/mailman/options/samba
>>>>
>>>>
>>>
>> --
>> To unsubscribe from this list go to the following URL and read the
>> instructions:  https://lists.samba.org/mailman/options/samba
>>
>
>

Hey, man, the error:

Provisioning
smbldap_search_domain_info: Searching
for:[(&(objectClasssambaDomain)(sambaDomainName=EMPRESA))]
smbldap_open_connection: connection opened
failed to bind to server ldap://127.0.0.1 with
dn="cn=Manager,dc=empresa,dc=com"
Error: Invalid credentials
(unknown)


has been fixed. :D

I modified the master password of ldap (vm) for the same that was stored in
secrets.tdb (real server) and access the ldap vm.

Now, is a long layoff in the following message:

*Demoting BDC account trust for samba, this DC must be elevated to an AD DC
using 'samba-tool domain dcpromo'*

Provisioning
Exporting account policy
Exporting groups
Ignoring group 'Domain Users'
S-1-5-21-187220369-3628530160-3539241734-513
listed but then not found: Unable to enumerate group members,
(-1073741823,Undetermined error)
Ignoring group 'Administrators' S-1-5-32-544 listed but then not found:
Unable to enumerate members for alias, (-1073741487,The specified local
group does not exist.)
Ignoring group 'Account Operators' S-1-5-32-548 listed but then not
found:
Unable to enumerate members for alias, (-1073741487,The specified local
group does not exist.)
Ignoring group 'Print Operators' S-1-5-32-550 listed but then not found:
Unable to enumerate members for alias, (-1073741487,The specified local
group does not exist.)
Ignoring group 'Backup Operators' S-1-5-32-551 listed but then not
found:
Unable to enumerate members for alias, (-1073741487,The specified local
group does not exist.)
Ignoring group 'Replicators' S-1-5-32-552 listed but then not found:
Unable
to enumerate members for alias, (-1073741487,The specified local group does
not exist.)
Ignoring group 'Alunos' S-1-5-21-187220369-3628530160-3539241734-10080
listed but then not found: Unable to enumerate group members,
(-1073741823,Undetermined error)
Exporting users
  Skipping wellknown rid=500 (for username=root)
  Demoting BDC account trust for samba, this DC must be elevated to an AD
DC using 'samba-tool domain dcpromo'

Samba is working or he stopped and I need to perform the requested command
(samba-tool domain dcpromo)?

On Fri, May 22, 2015 at 8:52 AM, Elias Pereira <empbilly at gmail.com>
wrote:
> Rowland,
>
> Debbugging information:
> In my virtual environment for migration samba3 for Samba4 I have the
> following settings for my server:
>
> /etc/hosts
>
> 127.0.0.1            localhost
> 192.168.77.220  SOL.poa.ifrs.edu.br SOL
>
>
>
> /etc/network/interfaces
>
> # The loopback network interface
> auto lo
> iface lo inet loopback
>
> #auto eth0
> #iface eth0 inet dhcp
>
> auto eth1
> iface eth1 inet static
>         address 192.168.77.220
>         netmask 255.255.255.0
>         gateway 192.168.77.1
>
>
> /etc/resolv.conf
>
> domain              poa.ifrs.edu.br
> nameserver      192.168.77.220
>
>
> They are correct? These settings can somehow influence in not be
> connecting with the ldap at the time of provision?
>
> On Thu, May 21, 2015 at 5:57 PM, Rowland Penny <
> rowlandpenny at googlemail.com> wrote:
>
>>  On 21/05/15 21:49, Elias Pereira wrote:
>>
>> Rowland,
>>
>>  Perhaps this question is too stupid, but I have to ask. :)
>>
>>  This new server that will be the Samba4 AD/DC need to have installed
>> samba3 - working with ldap - just as I have in the real server?
>>
>>
>> No, you only need ldap running and the listed *.tdb files
>>
>>
>>  Why the question. Because has hinted when I read again this section of
>> the wiki:
>>  *Before you start, shutdown your Samba PDC services (smbd, nmbd,
>> winbind), but leave your LDAP server running...*
>>
https://wiki.samba.org/index.php/Samba_Classic_Upgrade_%28NT4-style_domain_to_AD%29#The_classicupgrade_process
>>
>>  I'm wrong?
>>
>>
>> Not wrong really, just a slight misunderstanding and if you wait a
short
>> while it will be a lot clearer.
>>
>>
>> Rowland
>>
>>  On Thu, May 21, 2015 at 4:33 PM, Rowland Penny <
>> rowlandpenny at googlemail.com> wrote:
>>
>>> On 21/05/15 19:24, Elias Pereira wrote:
>>>
>>>>  Then why can the upgrade not contact the ldap server ?
>>>>>
>>>> I dont know! :(
>>>>
>>>> Was ldap running on another computer before ?
>>>>
>>>> I installed a temporary openLDAP backend on the new host.
>>>>
>>>
>>>  After examining upgrade.py, it would seem that you don't need
much of
>>> your original smb.conf, I am sending you a cut down smb.conf to
try.
>>>
>>> Have another read of the samba wiki page:
>>>
>>>
>>>
https://wiki.samba.org/index.php/Samba_Classic_Upgrade_%28NT4-style_domain_to_AD%29
>>>
>>> Double check that you have done everything that pages suggests and
then
>>> try again with the smb.conf I will send you.
>>>
>>> If, as I hope, you are testing this in a VM (or similar) do the
testing
>>> in a terminal where you have logged into the VM as root via ssh.
You will
>>> then be able to cut & paste the output into an email. If you
are still
>>> having problems, send the output direct to me.
>>>
>>> Rowland
>>>
>>>
>>>
>>>> Can you post the smb.conf from the old PDC ? the one you are
trying to
>>>>
>>>>> upgrade from.
>>>>>
>>>> I sent my smb.conf to your private e-mail.
>>>>
>>>> On Thu, May 21, 2015 at 3:08 PM, Rowland Penny <
>>>> rowlandpenny at googlemail.com>
>>>> wrote:
>>>>
>>>>  On 21/05/15 18:46, Elias Pereira wrote:
>>>>>
>>>>>  Is ldap running on the computer you are trying to run the
>>>>>> classicupgrade
>>>>>>
>>>>>>> on?
>>>>>>>
>>>>>>>  Yes.
>>>>>>
>>>>>>  Then why can the upgrade not contact the ldap server ?
>>>>>
>>>>> Was ldap running on another computer before ?
>>>>>
>>>>> Can you post the smb.conf from the old PDC ? the one you
are trying to
>>>>> upgrade from.
>>>>>
>>>>> Rowland
>>>>>
>>>>>   I need to modify other files too?
>>>>>
>>>>>> On Thu, May 21, 2015 at 2:39 PM, Rowland Penny <
>>>>>> rowlandpenny at googlemail.com>
>>>>>> wrote:
>>>>>>
>>>>>>   On 21/05/15 18:22, Elias Pereira wrote:
>>>>>>
>>>>>>>   Ok. I uncomment that line and put:
>>>>>>>
>>>>>>>> passdb backend   = ldapsam:ldap://127.0.0.1
>>>>>>>>
>>>>>>>>   Is ldap running on the computer you are
trying to run the
>>>>>>>>
>>>>>>> classicupgrade
>>>>>>> on ?
>>>>>>>
>>>>>>> It needs to connect to the ldap server, so if the
ldap server is
>>>>>>> running
>>>>>>> on another computer, you need to use either the
FQDN of that
>>>>>>> computer or
>>>>>>> its ipaddress.
>>>>>>>
>>>>>>> Rowland
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>   Error message:
>>>>>>>
>>>>>>>>
>>>>>>>> Provisioning
>>>>>>>>
>>>>>>>>   smbldap_search_domain_info: Searching
>>>>>>>>
>>>>>>>>>
for:[(&(objectClass=sambaDomain)(sambaDomainName=EMPRESA))]
>>>>>>>>> smbldap_open_connection: connection opened
>>>>>>>>> failed to bind to server ldap://127.0.0.1
with
>>>>>>>>> dn="cn=Manager,dc=empresa,dc=com"
Error: Invalid credentials
>>>>>>>>> (unknown)
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>  On Thu, May 21, 2015 at 1:53 PM, Rowland
Penny <
>>>>>>>> rowlandpenny at googlemail.com>
>>>>>>>> wrote:
>>>>>>>>
>>>>>>>>    On 21/05/15 17:28, Elias Pereira wrote:
>>>>>>>>
>>>>>>>>     You're right, man! Sorry! My mistake!
>>>>>>>>>
>>>>>>>>>  I put that file because I read in
somewhere about the persistent
>>>>>>>>>> and
>>>>>>>>>> temporary files regarding .tdb files.
The winbindd_idamp.tbm was
>>>>>>>>>> on
>>>>>>>>>> that
>>>>>>>>>> list, and I think that's why I left
it in the folder. :D
>>>>>>>>>>
>>>>>>>>>> Another doubt. For the provisioning
starts, I had to comment out
>>>>>>>>>> the
>>>>>>>>>> line
>>>>>>>>>> referring to the ldap backend in the
smb.conf of samba3.
>>>>>>>>>>
>>>>>>>>>> # passdb backend   =
ldapsam:ldap://empresa.com
>>>>>>>>>>
>>>>>>>>>> This can affect the provisioning?
>>>>>>>>>>
>>>>>>>>>>    Possibly, without that line I
don't think it will contact the
>>>>>>>>>> ldap
>>>>>>>>>>
>>>>>>>>>>  server,
>>>>>>>>> but 'ldap://empresa.com'
doesn't look right, I would expect
>>>>>>>>> something
>>>>>>>>> like 'ldap://ldapdc.empresa.com' 
or 'ldap://127.0.0.1' i.e a
>>>>>>>>> resolvable
>>>>>>>>> dns address.
>>>>>>>>>
>>>>>>>>> Rowland
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>    On Thu, May 21, 2015 at 12:48 PM,
Rowland Penny <
>>>>>>>>>
>>>>>>>>>  rowlandpenny at googlemail.com
>>>>>>>>>>
>>>>>>>>>>    wrote:
>>>>>>>>>>
>>>>>>>>>>  On 21/05/15 16:31, Elias Pereira
wrote:
>>>>>>>>>>>
>>>>>>>>>>>     I copied all the database files
of samba3 as is mentioned in
>>>>>>>>>>> the
>>>>>>>>>>> wiki -
>>>>>>>>>>>
>>>>>>>>>>>   The
>>>>>>>>>>>
>>>>>>>>>>>> classicupgrade process
>>>>>>>>>>>> <
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>>
https://wiki.samba.org/index.php/Samba_Classic_Upgrade_(NT4-style_domain_to_AD)#The_classicupgrade_process
>>>>>>>>>>>>
>>>>>>>>>>>> But if the winbindd_idmap.tdb
file is in the folder, the errors
>>>>>>>>>>>> occur.
>>>>>>>>>>>> See
>>>>>>>>>>>> below:
>>>>>>>>>>>>
>>>>>>>>>>>> Importing idmap database
>>>>>>>>>>>>
>>>>>>>>>>>>     ERROR(assert): uncaught
exception
>>>>>>>>>>>>
>>>>>>>>>>>>         File
>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>>
"/opt/samba/lib/python2.7/site-packages/samba/netcmd/__init__.py",
>>>>>>>>>>>>> line 175, in _run
>>>>>>>>>>>>>          return
self.run(*args, **kwargs)
>>>>>>>>>>>>>        File
>>>>>>>>>>>>>
>>>>>>>>>>>>>
"/opt/samba/lib/python2.7/site-packages/samba/netcmd/domain.py",
>>>>>>>>>>>>> line 1452, in run
>>>>>>>>>>>>>          useeadb=eadb,
dns_backend=dns_backend,
>>>>>>>>>>>>> use_ntvfs=use_ntvfs)
>>>>>>>>>>>>>        File
>>>>>>>>>>>>>
"/opt/samba/lib/python2.7/site-packages/samba/upgrade.py",
>>>>>>>>>>>>> line
>>>>>>>>>>>>> 749, in upgrade_from_samba3
>>>>>>>>>>>>>         
import_idmap(result.idmap, samba3, logger)
>>>>>>>>>>>>>        File
>>>>>>>>>>>>>
"/opt/samba/lib/python2.7/site-packages/samba/upgrade.py",
>>>>>>>>>>>>> line
>>>>>>>>>>>>> 215, in import_idmap
>>>>>>>>>>>>>          samba3_idmap =
samba3.get_idmap_db()
>>>>>>>>>>>>>        File
>>>>>>>>>>>>>
>>>>>>>>>>>>>
"/opt/samba/lib/python2.7/site-packages/samba/samba3/__init__.py",
>>>>>>>>>>>>> line 406, in get_idmap_db
>>>>>>>>>>>>>          return
>>>>>>>>>>>>>
IdmapDatabase(self.statedir_path("winbindd_idmap"))
>>>>>>>>>>>>>        File
>>>>>>>>>>>>>
>>>>>>>>>>>>>
"/opt/samba/lib/python2.7/site-packages/samba/samba3/__init__.py",
>>>>>>>>>>>>> line 63, in __init__
>>>>>>>>>>>>>         
self._check_version()
>>>>>>>>>>>>>        File
>>>>>>>>>>>>>
>>>>>>>>>>>>>
"/opt/samba/lib/python2.7/site-packages/samba/samba3/__init__.py",
>>>>>>>>>>>>> line 146, in _check_version
>>>>>>>>>>>>>          assert
fetch_int32(self.db, "IDMAP_VERSION\0")
=>>>>>>>>>>>>> IDMAP_VERSION_V2
>>>>>>>>>>>>>
>>>>>>>>>>>>>     If I remove/delete the
file, the provisioning continues and
>>>>>>>>>>>>> tells
>>>>>>>>>>>>> me
>>>>>>>>>>>>>
>>>>>>>>>>>>>   he
>>>>>>>>>>>>>
>>>>>>>>>>>> did
>>>>>>>>>>>> not find the file: *Can not
open database idmap, Ignoring:
>>>>>>>>>>>> [Errno 2]
>>>>>>>>>>>> No
>>>>>>>>>>>> such file or directory*
>>>>>>>>>>>>
>>>>>>>>>>>> Can I still provisioning
without the file? There is the
>>>>>>>>>>>> possibility
>>>>>>>>>>>> of
>>>>>>>>>>>> post-migration issues regarding
lack of this file?
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>>     Hi, on the wiki page, it
tells you to copy:
>>>>>>>>>>>>
>>>>>>>>>>>>   secrets.tdb
>>>>>>>>>>>>
>>>>>>>>>>> schannel_store.tdb
>>>>>>>>>>> passdb.tdb
>>>>>>>>>>> gencache_notrans.tdb
>>>>>>>>>>> group_mapping.tdb
>>>>>>>>>>> account_policy.tdb
>>>>>>>>>>>
>>>>>>>>>>> It does not mention
'winbindd_idmap.tdb'.
>>>>>>>>>>>
>>>>>>>>>>> So why are you including it ?
>>>>>>>>>>>
>>>>>>>>>>> Rowland
>>>>>>>>>>> --
>>>>>>>>>>> To unsubscribe from this list go to
the following URL and read
>>>>>>>>>>> the
>>>>>>>>>>> instructions: 
https://lists.samba.org/mailman/options/samba
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>     --
>>>>>>>>>>>
>>>>>>>>>>  To unsubscribe from this list go to
the following URL and read
>>>>>>>>> the
>>>>>>>>> instructions: 
https://lists.samba.org/mailman/options/samba
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>    --
>>>>>>>>
>>>>>>> To unsubscribe from this list go to the following
URL and read the
>>>>>>> instructions: 
https://lists.samba.org/mailman/options/samba
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>  --
>>>>> To unsubscribe from this list go to the following URL and
read the
>>>>> instructions: 
https://lists.samba.org/mailman/options/samba
>>>>>
>>>>>
>>>>
>>>>
>>> --
>>> To unsubscribe from this list go to the following URL and read the
>>> instructions:  https://lists.samba.org/mailman/options/samba
>>>
>>
>>
>>
>>  --
>> Elias Pereira
>>
>>
>>
>
>
> --
> Elias Pereira
>


-- 
Elias Pereira

Rowland,

Analyzing the syslog, I see it is working. I will be awaiting! :D

On Fri, May 22, 2015 at 9:35 AM, Elias Pereira <empbilly at gmail.com>
wrote:
> Hey, man, the error:
>
> Provisioning
> smbldap_search_domain_info: Searching for:[(&(objectClass>
sambaDomain)(sambaDomainName=EMPRESA))]
> smbldap_open_connection: connection opened
> failed to bind to server ldap://127.0.0.1 with
> dn="cn=Manager,dc=empresa,dc=com" Error: Invalid credentials
> (unknown)
>
>
> has been fixed. :D
>
> I modified the master password of ldap (vm) for the same that was stored
> in secrets.tdb (real server) and access the ldap vm.
>
> Now, is a long layoff in the following message:
>
> *Demoting BDC account trust for samba, this DC must be elevated to an AD
> DC using 'samba-tool domain dcpromo'*
>
> Provisioning
> Exporting account policy
> Exporting groups
> Ignoring group 'Domain Users'
S-1-5-21-187220369-3628530160-3539241734-513
> listed but then not found: Unable to enumerate group members,
> (-1073741823,Undetermined error)
> Ignoring group 'Administrators' S-1-5-32-544 listed but then not
found:
> Unable to enumerate members for alias, (-1073741487,The specified local
> group does not exist.)
> Ignoring group 'Account Operators' S-1-5-32-548 listed but then not
found:
> Unable to enumerate members for alias, (-1073741487,The specified local
> group does not exist.)
> Ignoring group 'Print Operators' S-1-5-32-550 listed but then not
found:
> Unable to enumerate members for alias, (-1073741487,The specified local
> group does not exist.)
> Ignoring group 'Backup Operators' S-1-5-32-551 listed but then not
found:
> Unable to enumerate members for alias, (-1073741487,The specified local
> group does not exist.)
> Ignoring group 'Replicators' S-1-5-32-552 listed but then not
found:
> Unable to enumerate members for alias, (-1073741487,The specified local
> group does not exist.)
> Ignoring group 'Alunos'
S-1-5-21-187220369-3628530160-3539241734-10080
> listed but then not found: Unable to enumerate group members,
> (-1073741823,Undetermined error)
> Exporting users
>   Skipping wellknown rid=500 (for username=root)
>   Demoting BDC account trust for samba, this DC must be elevated to an AD
> DC using 'samba-tool domain dcpromo'
>
> Samba is working or he stopped and I need to perform the requested command
> (samba-tool domain dcpromo)?
>