samba - Aug 2016 - classic upgrade error "uncaught exception - Unable to add sam account 'guest', "

hello.these days ,I diceded to migrating a Samba NT4 domain to a Samba AD
domain.I follow all the steps as this link "
https://wiki.samba.org/index.php/Migrating_a_Samba_NT4_domain_to_a_Samba_AD_domain_(classic_upgrade)
"
but I have error when samba-tool domain classic upgrade using
sernet-samba-4.4.logs like this:
[root at pdc dbdir]# samba-tool domain classicupgrade
--dbdir=/root/dbdir/samba --use-xattrs=yes \
> --realm=adagene.cn --dns-backend=SAMBA_INTERNAL /root/dbdir/smb.conf
Reading smb.conf
Unknown parameter encountered: "display charset"
Ignoring unknown parameter "display charset"
Processing section "[homes]"
Processing section "[netlogon]"
Processing section "[laboratory_share]"
Processing section "[company_general]"
Processing section "[administrator]"
Processing section "[HR]"
Processing section "[computation]"
Processing section "[IT]"
Processing section "[ip]"
Processing section "[BD_Intel]"
Processing section "[application]"
Processing section "[safety]"
Processing section "[sequencing_oligo]"
Processing section "[hr_employee]"
Processing section "[caiwu]"
Processing section "[grant]"
Processing section "[sequence]"
Processing section "[cn_patent]"
Processing section "[software develop]"
Processing section "[BI]"
Processing section "[Project Management]"
Processing section "[Project]"
Processing section "[Trial]"
Processing section "[Remote_Work]"
Processing section "[Group_Management]"
Provisioning
Exporting account policy
Exporting groups
Exporting users
Ignoring group memberships of 'ding_zuo'
S-1-5-21-570971082-1333357699-3675202899-1158: Unable to enumerate group
memberships, (-1073741724,No such user)
Ignoring group memberships of 'adagene016$'
S-1-5-21-570971082-1333357699-3675202899-1036: Unable to enumerate group
memberships, (-1073741724,No such user)
Ignoring group memberships of 'peter_cheung'
S-1-5-21-570971082-1333357699-3675202899-1279: Unable to enumerate group
memberships, (-1073741724,No such user)
........a lot of these Ignoring group memberships........

Next rid = 1295
Exporting posix attributes
Reading WINS database
lpcfg_load: refreshing parameters from /etc/samba/smb.conf
Looking up IPv4 addresses
Looking up IPv6 addresses
No IPv6 address will be assigned
Setting up secrets.ldb
Setting up the registry
ldb_wrap open of hklm.ldb
Setting up the privileges database
Setting up idmap db
Setting up SAM db
Setting up sam.ldb partitions and settings
Setting up sam.ldb rootDSE
Pre-loading the Samba 4 and AD schema
partition_metadata: Migrating partition metadata: open of metadata.tdb
gave: (null)
Adding DomainDN: DC=adagene,DC=cn
DN: DC=adagene,DC=cn is a NC
Adding configuration container
DN: CN=Configuration,DC=adagene,DC=cn is a NC
Setting up sam.ldb schema
DN: CN=Schema,CN=Configuration,DC=adagene,DC=cn is a NC
Setting up sam.ldb configuration data
Setting up display specifiers
Modifying display specifiers
Adding users container
Modifying users container
Adding computers container
Modifying computers container
Setting up sam.ldb data
Setting up well known security principals
Setting up sam.ldb users and groups
Setting up self join
Setting acl on sysvol skipped
Adding DNS accounts
Creating CN=MicrosoftDNS,CN=System,DC=adagene,DC=cn
Creating DomainDnsZones and ForestDnsZones partitions
DN: DC=DomainDnsZones,DC=adagene,DC=cn is a NC
DN: DC=ForestDnsZones,DC=adagene,DC=cn is a NC
Populating DomainDnsZones and ForestDnsZones partitions
Setting up sam.ldb rootDSE marking as synchronized
Fixing provision GUIDs
A Kerberos configuration suitable for Samba 4 has been generated at
/var/lib/samba/private/krb5.conf
Setting up fake yp server settings
Once the above files are installed, your Samba4 server will be ready to use
Server Role:           active directory domain controller
Hostname:              pdc
NetBIOS Domain:        ADAGENE
DNS Domain:            adagene.cn
DOMAIN SID:            S-1-5-21-570971082-1333357699-3675202899
Importing WINS database
Importing Account policy
Importing idmap database
Cannot open idmap database, Ignoring: [Errno 2] No such file or directory
lp_load_ex: refreshing parameters
Processing section "[global]"
Processing section "[netlogon]"
Processing section "[sysvol]"
ldb_wrap open of idmap.ldb
Adding groups
Importing groups
Group already exists sid=S-1-5-21-570971082-1333357699-3675202899-512,
groupname=Domain Admins existing_groupname=Domain Admins, Ignoring.
Committing 'add groups' transaction to disk
Adding users
Importing users
User root has been kept in the directory, it should be removed in favour of
the Administrator user
ERROR(<class 'passdb.error'>): uncaught exception - Unable to add
sam
account 'guest', (-1073741725,User exists)
  File "/usr/lib64/python2.7/site-packages/samba/netcmd/__init__.py",
line
175, in _run
    return self.run(*args, **kwargs)
  File "/usr/lib64/python2.7/site-packages/samba/netcmd/domain.py",
line
1565, in run
    useeadb=eadb, dns_backend=dns_backend, use_ntvfs=use_ntvfs)
  File "/usr/lib64/python2.7/site-packages/samba/upgrade.py", line
801, in
upgrade_from_samba3
    s4_passdb.add_sam_account(userdata[username])


what should I do?pls help

On Mon, 2016-08-15 at 15:46 +0800, xingya xu via samba
wrote:
> hello.these days ,I diceded to migrating a Samba NT4 domain to a
> Samba AD
> domain.I follow all the steps as this link "
> https://wiki.samba.org/index.php/Migrating_a_Samba_NT4_domain_to_a_Sa
> mba_AD_domain_(classic_upgrade)
> "
> but I have error when samba-tool domain classic upgrade using
> sernet-samba-4.4.logs like this:
> ERROR(<class 'passdb.error'>): uncaught exception - Unable to
add sam
> account 'guest', (-1073741725,User exists)
> 
It means you have a 'guest' account with an incorrect RID in your
existing passdb.  If it had the right RID (<1000) we would have ignored
it, but instead we collide with the proper guest account during the
upgrade.

Just remove it and try again.

Thanks!

-- 
Andrew Bartlett                       http://samba.org/~abartlet/
Authentication Developer, Samba Team  http://samba.org
Samba Developer, Catalyst IT          http://catalyst.net.nz/services/samba