thank you for the quick reply! Le 17/07/2018 à 12:09, Rowland Penny via samba a écrit :> On Tue, 17 Jul 2018 11:30:43 +0200 > Arnaud FLORENT via samba <samba at lists.samba.org> wrote: > >> Hello >> >> i have a problem after classicupgrade on ubuntu 14.04/samba 4.3.11 >> >> i know this version is not supported, sorry no way for the moment to >> do ubuntu upgrade... >> >> >> before migration >> >> netbios name in smb.conf (irisserv) did not match dns hostname >> (noordo) >> >> so AD was provisionned but with irisserv >> and there are no servicePrincipalName in irisserv ldap entry... >> >> >> is there a way to fix this? >> >> Thank you >> >> >> > There is a script to rename a DC, you might have to download a Samba > tarball to get it. > You will find it at SAMBA_VERSION/source4/scripting/bin/renamedc > > Never used it, but it should do what you require, but, as always, test > it before using it in production.i will try this asap in AD smb.conf there was netbios name = noordo (dns hostname) if i change to netbios name = irisserv and restart samba servicePrincipalName attributes are created...> > If you are still testing the upgrade procedure, it might be easier to > run the upgrade again, but read this first: > > https://wiki.samba.org/index.php/Migrating_a_Samba_NT4_Domain_to_Samba_AD_(Classic_Upgrade)#Domain_Controller_namei did not see any warning about this is it supported?> > Once you have a DC provisioned, you can use samba-tool to add SPN'sroot at noordo:/var/log/kwartz# samba-tool spn list irisserv irisserv ERROR: User irisserv not found root at noordo:/var/log/kwartz# samba-tool spn list noordo noordo ERROR: User noordo not found but ldbsearch cn=irisserv servicePrincipalName works...
On Tue, 17 Jul 2018 12:30:08 +0200 Arnaud FLORENT via samba <samba at lists.samba.org> wrote:> thank you for the quick reply! > > > Le 17/07/2018 à 12:09, Rowland Penny via samba a écrit : > > On Tue, 17 Jul 2018 11:30:43 +0200 > > Arnaud FLORENT via samba <samba at lists.samba.org> wrote: > > > >> Hello > >> > >> i have a problem after classicupgrade on ubuntu 14.04/samba 4.3.11 > >> > >> i know this version is not supported, sorry no way for the moment > >> to do ubuntu upgrade... > >> > >> > >> before migration > >> > >> netbios name in smb.conf (irisserv) did not match dns hostname > >> (noordo) > >> > >> so AD was provisionned but with irisserv > >> and there are no servicePrincipalName in irisserv ldap entry... > >> > >> > >> is there a way to fix this? > >> > >> Thank you > >> > >> > >> > > There is a script to rename a DC, you might have to download a Samba > > tarball to get it. > > You will find it at SAMBA_VERSION/source4/scripting/bin/renamedc > > > > Never used it, but it should do what you require, but, as always, > > test it before using it in production. > i will try this asap > > > in AD smb.conf there was netbios name = noordo (dns hostname) > > if i change to netbios name = irisserv > and restart samba > servicePrincipalName attributes are created... > > > > > If you are still testing the upgrade procedure, it might be easier > > to run the upgrade again, but read this first: > > > > https://wiki.samba.org/index.php/Migrating_a_Samba_NT4_Domain_to_Samba_AD_(Classic_Upgrade)#Domain_Controller_name > i did not see any warning about this > is it supported?It wouldn't be on a Samba wikipage if it wasn't supported.> > > > > > Once you have a DC provisioned, you can use samba-tool to add SPN's > root at noordo:/var/log/kwartz# samba-tool spn list irisserv > irisserv > ERROR: User irisserv not found > root at noordo:/var/log/kwartz# samba-tool spn list noordo > noordo > ERROR: User noordo not foundYou are missing something ;-) root at dc4:~# samba-tool spn list devstation devstation ERROR: User devstation not found root at dc4:~# samba-tool spn list devstation$ devstation$ User CN=DEVSTATION,CN=Computers,DC=samdom,DC=example,DC=com has the following servicePrincipalName: HOST/DEVSTATION HOST/devstation.samdom.example.com You are missing the '$' on the end of the computer name. Rowland
Le 17/07/2018 à 12:58, Rowland Penny via samba a écrit :> On Tue, 17 Jul 2018 12:30:08 +0200 > Arnaud FLORENT via samba <samba at lists.samba.org> wrote: > >> thank you for the quick reply! >> >> >> Le 17/07/2018 à 12:09, Rowland Penny via samba a écrit : >>> On Tue, 17 Jul 2018 11:30:43 +0200 >>> Arnaud FLORENT via samba <samba at lists.samba.org> wrote: >>> >>>> Hello >>>> >>>> i have a problem after classicupgrade on ubuntu 14.04/samba 4.3.11 >>>> >>>> i know this version is not supported, sorry no way for the moment >>>> to do ubuntu upgrade... >>>> >>>> >>>> before migration >>>> >>>> netbios name in smb.conf (irisserv) did not match dns hostname >>>> (noordo) >>>> >>>> so AD was provisionned but with irisserv >>>> and there are no servicePrincipalName in irisserv ldap entry... >>>> >>>> >>>> is there a way to fix this? >>>> >>>> Thank you >>>> >>>> >>>> >>> There is a script to rename a DC, you might have to download a Samba >>> tarball to get it. >>> You will find it at SAMBA_VERSION/source4/scripting/bin/renamedc >>> >>> Never used it, but it should do what you require, but, as always, >>> test it before using it in production. >> i will try this asap >> >> >> in AD smb.conf there was netbios name = noordo (dns hostname) >> >> if i change to netbios name = irisserv >> and restart samba >> servicePrincipalName attributes are created... >> >>> If you are still testing the upgrade procedure, it might be easier >>> to run the upgrade again, but read this first: >>> >>> https://wiki.samba.org/index.php/Migrating_a_Samba_NT4_Domain_to_Samba_AD_(Classic_Upgrade)#Domain_Controller_name >> i did not see any warning about this >> is it supported? > It wouldn't be on a Samba wikipage if it wasn't supported.i know, i was not can we have a AD DC server with a netbios name that differs from DNS hostname especially for kerberos... the wiki only says that we can change/set 'netbios name' i does not say if it has to match name in /etc/hostname so does it have to match name in /etc/hostname ?> >> >>> Once you have a DC provisioned, you can use samba-tool to add SPN's >> root at noordo:/var/log/kwartz# samba-tool spn list irisserv >> irisserv >> ERROR: User irisserv not found >> root at noordo:/var/log/kwartz# samba-tool spn list noordo >> noordo >> ERROR: User noordo not found > You are missing something ;-) > > root at dc4:~# samba-tool spn list devstation > devstation > ERROR: User devstation not found > root at dc4:~# samba-tool spn list devstation$ > devstation$ > User CN=DEVSTATION,CN=Computers,DC=samdom,DC=example,DC=com has the following servicePrincipalName: > HOST/DEVSTATION > HOST/devstation.samdom.example.com > > You are missing the '$' on the end of the computer name.OK great it works thank you!> > Rowland > >