Richard
2017-Jan-13 21:21 UTC
[Samba] Problems joining a Samba DC to an existing active directory
I created a new Samba 4.5.3 server to join our 4.5.3 AD domain as a DC
Following these instructions:
https://wiki.samba.org/index.php/Joining_a_Samba_DC_to_an_Existing_Active_Di
rectory
everything went fine until I got here:
https://wiki.samba.org/index.php/Joining_a_Samba_DC_to_an_Existing_Active_Di
rectory#Built-in_Groups_GID_Mappings
where running the required:
samba-tool ntacl sysvolreset
command resulted in the following errors:
open: error=2 (No such file or directory)
ERROR(runtime): uncaught exception - (-1073741823, 'Undetermined error')
File
"/usr/local/samba/lib64/python2.7/site-packages/samba/netcmd/__init__.py",
line 176, in _run
return self.run(*args, **kwargs)
File
"/usr/local/samba/lib64/python2.7/site-packages/samba/netcmd/ntacl.py",
line
239, in run
lp, use_ntvfs=use_ntvfs)
File
"/usr/local/samba/lib64/python2.7/site-packages/samba/provision/__init__.py"
, line 1609, in setsysvolacl
set_gpos_acl(sysvol, dnsdomain, domainsid, domaindn, samdb, lp,
use_ntvfs, passdb=s4_passdb)
File
"/usr/local/samba/lib64/python2.7/site-packages/samba/provision/__init__.py"
, line 1502, in set_gpos_acl
use_ntvfs=use_ntvfs, skip_invalid_chown=True, passdb=passdb,
service=SYSVOL_SERVICE)
File
"/usr/local/samba/lib64/python2.7/site-packages/samba/ntacls.py",
line 162, in setntacl
smbd.set_nt_acl(file, security.SECINFO_OWNER | security.SECINFO_GROUP |
security.SECINFO_DACL | security.SECINFO_SACL, sd, service=service)
I have absolutely no idea what to do to resolve this. Any input would be
greatly appreciated - thanks in advance!
Rowland Penny
2017-Jan-13 22:44 UTC
[Samba] Problems joining a Samba DC to an existing active directory
On Fri, 13 Jan 2017 23:21:43 +0200 Richard via samba <samba at lists.samba.org> wrote:> I created a new Samba 4.5.3 server to join our 4.5.3 AD domain as a DC > > > > Following these instructions: > > > > https://wiki.samba.org/index.php/Joining_a_Samba_DC_to_an_Existing_Active_Di > rectory > > > > everything went fine until I got here: > > > > https://wiki.samba.org/index.php/Joining_a_Samba_DC_to_an_Existing_Active_Di > rectory#Built-in_Groups_GID_Mappings > > > > where running the required: > > > > samba-tool ntacl sysvolreset > > > > command resulted in the following errors: > > > > open: error=2 (No such file or directory) > > ERROR(runtime): uncaught exception - (-1073741823, 'Undetermined > error') > > File > "/usr/local/samba/lib64/python2.7/site-packages/samba/netcmd/__init__.py", > line 176, in _run > > return self.run(*args, **kwargs) > > File > "/usr/local/samba/lib64/python2.7/site-packages/samba/netcmd/ntacl.py", > line 239, in run > > lp, use_ntvfs=use_ntvfs) > > File > "/usr/local/samba/lib64/python2.7/site-packages/samba/provision/__init__.py" > , line 1609, in setsysvolacl > > set_gpos_acl(sysvol, dnsdomain, domainsid, domaindn, samdb, lp, > use_ntvfs, passdb=s4_passdb) > > File > "/usr/local/samba/lib64/python2.7/site-packages/samba/provision/__init__.py" > , line 1502, in set_gpos_acl > > use_ntvfs=use_ntvfs, skip_invalid_chown=True, passdb=passdb, > service=SYSVOL_SERVICE) > > File > "/usr/local/samba/lib64/python2.7/site-packages/samba/ntacls.py", > line 162, in setntacl > > smbd.set_nt_acl(file, security.SECINFO_OWNER | > security.SECINFO_GROUP | security.SECINFO_DACL | > security.SECINFO_SACL, sd, service=service) > > > > I have absolutely no idea what to do to resolve this. Any input would > be greatly appreciated - thanks in advance! > > > > >You haven't got all the sysvol contents, you will need to copy them from the original DC with rsync, see here: https://wiki.samba.org/index.php/SysVol_replication_%28DFS-R%29 Choose your way of doing it, I recommend the osync variant ;-) Rowland
Richard
2017-Jan-13 23:04 UTC
[Samba] Problems joining a Samba DC to an existing active directory
Hi Rowland, thanks so much - I'm an idiot. I've actually just done it using the "simple rsync" option and the sysvolreset went through 100% -----Original Message----- From: samba [mailto:samba-bounces at lists.samba.org] On Behalf Of Rowland Penny via samba Sent: 14 January 2017 00:45 To: samba at lists.samba.org Subject: Re: [Samba] Problems joining a Samba DC to an existing active directory On Fri, 13 Jan 2017 23:21:43 +0200 Richard via samba <samba at lists.samba.org> wrote:> I created a new Samba 4.5.3 server to join our 4.5.3 AD domain as a DC > > > > Following these instructions: > > > > https://wiki.samba.org/index.php/Joining_a_Samba_DC_to_an_Existing_Act > ive_Di > rectory > > > > everything went fine until I got here: > > > > https://wiki.samba.org/index.php/Joining_a_Samba_DC_to_an_Existing_Act > ive_Di > rectory#Built-in_Groups_GID_Mappings > > > > where running the required: > > > > samba-tool ntacl sysvolreset > > > > command resulted in the following errors: > > > > open: error=2 (No such file or directory) > > ERROR(runtime): uncaught exception - (-1073741823, 'Undetermined > error') > > File > "/usr/local/samba/lib64/python2.7/site-packages/samba/netcmd/__init__. > py", > line 176, in _run > > return self.run(*args, **kwargs) > > File > "/usr/local/samba/lib64/python2.7/site-packages/samba/netcmd/ntacl.py" > , > line 239, in run > > lp, use_ntvfs=use_ntvfs) > > File > "/usr/local/samba/lib64/python2.7/site-packages/samba/provision/__init__.py" > , line 1609, in setsysvolacl > > set_gpos_acl(sysvol, dnsdomain, domainsid, domaindn, samdb, lp, > use_ntvfs, passdb=s4_passdb) > > File > "/usr/local/samba/lib64/python2.7/site-packages/samba/provision/__init__.py" > , line 1502, in set_gpos_acl > > use_ntvfs=use_ntvfs, skip_invalid_chown=True, passdb=passdb, > service=SYSVOL_SERVICE) > > File > "/usr/local/samba/lib64/python2.7/site-packages/samba/ntacls.py", > line 162, in setntacl > > smbd.set_nt_acl(file, security.SECINFO_OWNER | > security.SECINFO_GROUP | security.SECINFO_DACL | > security.SECINFO_SACL, sd, service=service) > > > > I have absolutely no idea what to do to resolve this. Any input would > be greatly appreciated - thanks in advance! > > > > >You haven't got all the sysvol contents, you will need to copy them from the original DC with rsync, see here: https://wiki.samba.org/index.php/SysVol_replication_%28DFS-R%29 Choose your way of doing it, I recommend the osync variant ;-) Rowland -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba