Have a need to support one NT4 server in one environment and trying to escape the past a bit by upgrading the PDC which currently runs Samba-3.6.24. So far my testing has shown that Samba4-4.5 as a PDC appears to work just fine. I can even install Exchange 5.5 on the test NT4 server in this environment. However attempting the same Exchange 5.5 installation when running Samba4 in AD mode it quickly dies with this problem: =========================================While attempting to create the Microsoft System Attendant service, the following error was encountered: The account name is invalid or does not exist. Microsoft Windows NT ID no: 0xc0020421 ========================================= [new dialog box] =========================================Processing file 'D:\SERVER\SETUP\I386\server.ins', at or near line 12 The account name is invalid or does not exist. Microsoft Windows NT ID no: 0xc0020421 ========================================= [server.ins] around line 12 =========================================; ServiceManager(MAD) CreateService:MSExchangeSA;Microsoft Exchange System Attendant;bin\mad.exe; EventLog$OLE$NtLmSsp$RPCLOCATOR$RPCSS$LanmanWorkstation$LanmanServer$ ========================================= Basically I'd like to move the whole account into the world of AD, and the NT4 server does appear to basically work with Samba4 as an AD up to a point (it successfully joins the AD and users get authenticated and can logon), but if Exchange doesn't work with it I'll be stuck in DC land for a time. The AD users do get enumerated in the Exchange setup dialog box so I can choose the proper service account but things go south after that - maybe akin to how the User Manager For Domains cannot enumerate the users. If there is a fix that would be great, if not, at least Samba has allowed me to nurse this along much longer than would have otherwise been possible. Thanks!
I am surprised that you were even able to join NT4 to a "classic" domain with Samba 4.x. On the NT4 machine that does work, which account does the System Attendant svc run under? Does that service account belong to domain groups? On the NT4 machine in the AD domain, did that service even get created ? On 01/31/17 16:13, Sonic via samba wrote:> Have a need to support one NT4 server in one environment and trying to > escape > the past a bit by upgrading the PDC which currently runs Samba-3.6.24. > > So far my testing has shown that Samba4-4.5 as a PDC appears to work just > fine. > I can even install Exchange 5.5 on the test NT4 server in this environment. > However attempting the same Exchange 5.5 installation when running Samba4 > in AD > mode it quickly dies with this problem: > =========================================> While attempting to create the Microsoft System Attendant service, the > following error was encountered: > > The account name is invalid or does not exist. > > Microsoft Windows NT > ID no: 0xc0020421 > =========================================> > [new dialog box] > =========================================> Processing file 'D:\SERVER\SETUP\I386\server.ins', at or near line 12 > > The account name is invalid or does not exist. > > Microsoft Windows NT > ID no: 0xc0020421 > =========================================> > [server.ins] around line 12 > =========================================> ; ServiceManager(MAD) > CreateService:MSExchangeSA;Microsoft Exchange System > Attendant;bin\mad.exe; > EventLog$OLE$NtLmSsp$RPCLOCATOR$RPCSS$LanmanWorkstation$LanmanServer$ > =========================================> > Basically I'd like to move the whole account into the world of AD, and the > NT4 > server does appear to basically work with Samba4 as an AD up to a point (it > successfully joins the AD and users get authenticated and can logon), but > if Exchange doesn't work with it I'll be stuck in DC land for a time. The > AD users do get enumerated in the Exchange setup dialog box so I can choose > the proper service account but things go south after that - maybe akin to > how the User Manager For Domains cannot enumerate the users. > > If there is a fix that would be great, if not, at least Samba has allowed > me to nurse this along much longer than would have otherwise been possible. > > Thanks!
On Tue, Jan 31, 2017 at 4:38 PM, Gaiseric Vandal via samba <samba at lists.samba.org> wrote:> I am surprised that you were even able to join NT4 to a "classic" domain > with Samba 4.x.Yes, that works quite fine with some tweaking of the smb.conf parameters.> On the NT4 machine that does work, which account does the System Attendant > svc run under?In this case an account named "exsrvrservice".> Does that service account belong to domain groups?Yes.> On the NT4 machine in the AD domain, did that service even get created ?It was created during the "Classic Upgrade" process like the rest of the accounts. Before the upgrade all worked fine, after the problem exists. I'm doing the testing using VM's and LXC's allowing returns to different snapshot points. Chris