Ricardo Pardim Claus
2016-Jul-10 11:57 UTC
[Samba] Compatibility with Windows Server 2012 R2
I had joined the Samba as a secondary DC. At first he imported all (accounts, groups, users and gpo).I can see all the objects that were imported. But the version of Schema Samba came as 69. The errors that I notice is regarding DNS and ForestDNS synchronization.It seems that the error is displayed when you synchronize Samba for Windows. When Windows to Samba, the commands do not return error.>From this scenario (Samba with imported objects), even with the Schema version 69, you have another idea or tip so I can study the complete migration of the main DC to Samba?De: Marc Muehlfeld <mmuehlfeld at samba.org> Para: Ricardo Pardim Claus <ricardo.claus at yahoo.com.br>; "samba at lists.samba.org" <samba at lists.samba.org> Enviadas: Sábado, 9 de Julho de 2016 12:20 Assunto: Re: [Samba] Compatibility with Windows Server 2012 R2 Hello Ricardo, Am 09.07.2016 um 13:03 schrieb Ricardo Pardim Claus:> Dear Marc,In the field we have only simple objects > (GPO desktop, file server, users and groups). > In total, there are approximately 100 desktops +120 users. > Only one site. How to create a new domain in > the Samba with the same SID of the current domain?# samba-tool domain provision --help ... --domain-sid=SID> So I could create a new DC with the same domain and SID, > and import objects (users and desktops accounts).Theoretically it's possible, but I've never tried it. At the moment I don't have suggestion for a tool that exports everything that is important (e. g. accounts incl. passwords, etc.). If you were sucessful it's worth publishing the steps. :-) Regards, Marc
Ricardo Pardim Claus
2016-Jul-11 14:15 UTC
[Samba] Compatibility with Windows Server 2012 R2
Dear Marc,I made some changes in Windos Server 2008, apparently he is working with version 47 of the AD schema. As far as the changes were valid, I do not know. I consulted the information through the following command: C:\Windows\System32>Schupgr.exeOpened Connection to SRV07SSPI Bind succeededCurrent Schema Version is 47Upgrading schema to version 47The schema has already Been upgraded. Rerun setup to upgrade this DC. Samba 4, I refer to the version of the schema through the following command: ldbsearch -H /usr/local/samba/private/sam.ldb -b 'cn=Schema,cn=Configuration,dc=domain,dc=local' -s base objectVersion # 1 recorddn: CN = Schema, CN = Configuration, DC = domain, DC = localobjectVersion: 47 # 1 records returned# 1 entries# 0 referrals[root at srv~] # At first I would like to demote the Samba, so I can do a fresh install.Since the beginning of the Samba tests like DC, I've received several synchronization errors, especially when I try to demote the Samba.But I'm trying here. De: Ricardo Pardim Claus <ricardo.claus at yahoo.com.br> Para: Marc Muehlfeld <mmuehlfeld at samba.org>; "samba at lists.samba.org" <samba at lists.samba.org> Enviadas: Domingo, 10 de Julho de 2016 8:57 Assunto: Re: [Samba] Compatibility with Windows Server 2012 R2 I had joined the Samba as a secondary DC. At first he imported all (accounts, groups, users and gpo).I can see all the objects that were imported. But the version of Schema Samba came as 69. The errors that I notice is regarding DNS and ForestDNS synchronization.It seems that the error is displayed when you synchronize Samba for Windows. When Windows to Samba, the commands do not return error.>From this scenario (Samba with imported objects), even with the Schema version 69, you have another idea or tip so I can study the complete migration of the main DC to Samba?
On Sun, 2016-07-10 at 11:57 +0000, Ricardo Pardim Claus wrote:> I had joined the Samba as a secondary DC. At first he imported all > (accounts, groups, users and gpo).I can see all the objects that were > imported. But the version of Schema Samba came as 69. The errors that > I notice is regarding DNS and ForestDNS synchronization.It seems that > the error is displayed when you synchronize Samba for Windows. When > Windows to Samba, the commands do not return error. > From this scenario (Samba with imported objects), even with the > Schema version 69, you have another idea or tip so I can study the > complete migration of the main DC to Samba?So, is your Samba DC working with the import? Marc is correct, we don't 'support' the later schema versions. However, it is mostly that we haven't figured out why the reverse replication doesn't work. It is also possible that a number of our recent bug fixes in master (to become 4.5) have addressed some of the issues. If your domain is working with the import, then continuing with it may be a reasonable course of action, you just won't be able to replicate data back to Windows. I hope this helps, Andrew Bartlett -- Andrew Bartlett http://samba.org/~abartlet/ Authentication Developer, Samba Team http://samba.org Samba Developer, Catalyst IT http://catalyst.net.nz/services/samba
Ricardo Pardim Claus
2016-Jul-12 18:05 UTC
[Samba] Compatibility with Windows Server 2012 R2
Dear Andrew,I appreciate the support.I'm sure that will soon get the solution to the problem of compatibility between versions of the schema. I just did a test. I created a User with the samba-tool, then I went on AD and checked. Replication worked perfectly.Also had success with the command: samba-tool drs clone-dc-databaseThe database has been successfully cloned. I will perform other tests, but I'm convinced that I will be able to replace MS by Samba.Thank you all! De: Andrew Bartlett <abartlet at samba.org> Para: Ricardo Pardim Claus <ricardo.claus at yahoo.com.br>; Marc Muehlfeld <mmuehlfeld at samba.org>; "samba at lists.samba.org" <samba at lists.samba.org> Enviadas: Terça-feira, 12 de Julho de 2016 7:08 Assunto: Re: [Samba] Compatibility with Windows Server 2012 R2 On Sun, 2016-07-10 at 11:57 +0000, Ricardo Pardim Claus wrote:> I had joined the Samba as a secondary DC. At first he imported all > (accounts, groups, users and gpo).I can see all the objects that were > imported. But the version of Schema Samba came as 69. The errors that > I notice is regarding DNS and ForestDNS synchronization.It seems that > the error is displayed when you synchronize Samba for Windows. When > Windows to Samba, the commands do not return error. > From this scenario (Samba with imported objects), even with the > Schema version 69, you have another idea or tip so I can study the > complete migration of the main DC to Samba?So, is your Samba DC working with the import? Marc is correct, we don't 'support' the later schema versions. However, it is mostly that we haven't figured out why the reverse replication doesn't work. It is also possible that a number of our recent bug fixes in master (to become 4.5) have addressed some of the issues. If your domain is working with the import, then continuing with it may be a reasonable course of action, you just won't be able to replicate data back to Windows. I hope this helps, Andrew Bartlett -- Andrew Bartlett http://samba.org/~abartlet/ Authentication Developer, Samba Team http://samba.org Samba Developer, Catalyst IT http://catalyst.net.nz/services/samba
Ricardo Pardim Claus
2016-Jul-22 12:56 UTC
[Samba] Compatibility with Windows Server 2012 R2
Dear Andrew,Although I have mentioned at the beginning of the post, the version of Windows Server 2012 R2 is, I changed the version of the schema through the registry by using the ADSI Edit tool. After changing this registry, I rebooted the server and checked the version of the schema. The tests showed that the version of the schema that Windows was working, is version 47.So I created a new VM with Windows 2008 R2, and promoted it to a primary DC, transferring all the rules. Then I despromovi Windows 2012 and turned off the VM. This whole process Samba being a secondary DC.There's the question of the DHCP server, it requires that the DNS Bind is updated as PIs distributed in DHCP. Now I have a question.In Windows to Samba migration process, if I take a snapshot of the VM and turn off the Windows 2008, Samba I transfer all the rules and then I force the removal of windows 2008, I can already leave the Samba as a primary DC? You could indicate some tests that I can perform to see if all the features of Samba DC are working?Thank you! De: Andrew Bartlett <abartlet at samba.org> Para: Ricardo Pardim Claus <ricardo.claus at yahoo.com.br>; Marc Muehlfeld <mmuehlfeld at samba.org>; "samba at lists.samba.org" <samba at lists.samba.org> Enviadas: Terça-feira, 12 de Julho de 2016 7:08 Assunto: Re: [Samba] Compatibility with Windows Server 2012 R2 On Sun, 2016-07-10 at 11:57 +0000, Ricardo Pardim Claus wrote:> I had joined the Samba as a secondary DC. At first he imported all > (accounts, groups, users and gpo).I can see all the objects that were > imported. But the version of Schema Samba came as 69. The errors that > I notice is regarding DNS and ForestDNS synchronization.It seems that > the error is displayed when you synchronize Samba for Windows. When > Windows to Samba, the commands do not return error. > From this scenario (Samba with imported objects), even with the > Schema version 69, you have another idea or tip so I can study the > complete migration of the main DC to Samba?So, is your Samba DC working with the import? Marc is correct, we don't 'support' the later schema versions. However, it is mostly that we haven't figured out why the reverse replication doesn't work. It is also possible that a number of our recent bug fixes in master (to become 4.5) have addressed some of the issues. If your domain is working with the import, then continuing with it may be a reasonable course of action, you just won't be able to replicate data back to Windows. I hope this helps, Andrew Bartlett -- Andrew Bartlett http://samba.org/~abartlet/ Authentication Developer, Samba Team http://samba.org Samba Developer, Catalyst IT http://catalyst.net.nz/services/samba