I would have added an extra DC.. Move FSMO Removed old server from AD, Cleanup AD. Install new server with new ip's. And Add CNAMEs where needed, Move FSMO back. Remove extra DC. ;-) Greetz, Louis> -----Oorspronkelijk bericht----- > Van: samba [mailto:samba-bounces at lists.samba.org] Namens > Rowland penny via samba > Verzonden: vrijdag 4 september 2020 10:00 > Aan: Peter Pollock > CC: sambalist > Onderwerp: Re: [Samba] Changing IP Scope on a Samba DC > > On 04/09/2020 00:11, Peter Pollock wrote: > > Samba seems to have provisioned OK, but kinit cannot find the realm > > and I have some records missing that I don't know how to fix: > > > > itadmin at dc01:~$ kinit administrator at INTERNAL.KCS > > kinit: Cannot find KDC for realm "INTERNAL.KCS" while > getting initial > > credentials > > itadmin at dc01:~$ host -t SRV _ldap._tcp.internal.kcs > > Host _ldap._tcp.internal.kcs not found: 3(NXDOMAIN) > > itadmin at dc01:~$ host -t SRV _kerberos._udp.internal.kcs > > Host _kerberos._udp.internal.kcs not found: 3(NXDOMAIN) > > itadmin at dc01:~$ host -t A dc01.internal.kcs > > dc01.internal.kcs has address 192.168.4.5 > > > > Where do I start? > > > > Here's the output from the provisioning: > > > > sudo samba-tool domain provision --use-rfc2307 --realm=internal.kcs > > --domain=internal --dns-backend=BIND9_DLZ > > I hope this is a test domain (or one that you can lose), I > would run the > command again but add '--adminpass=xxxxxxxxxx' > > Where you replace all the 'x's with a complex password, you > sort of need > to know the Administrator password. > > Remove the smb.conf and reprovision ;-) > > When you get the domain up again, alter /etc/resolv.conf to > use the DC's > ipaddress as the first nameserver. > > You might also find this useful: > > https://github.com/thctlo/samba4/blob/master/full-howto-Ubuntu > 18.04-samba-AD_DC.txt > > Rowland > > > > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba > >
On 04/09/2020 09:11, L.P.H. van Belle via samba wrote:> I would have added an extra DC.. > Move FSMO > Removed old server from AD, > Cleanup AD. > > Install new server with new ip's. > And Add CNAMEs where needed, > Move FSMO back. > Remove extra DC. > > ;-) >You evidently haven't been following this thread, Peter has been there and done that, it didn't work ;-) I am beginning to hate zentyal :D Rowland
This is brand new. Created following Louis' instructions (although in my install of Ubuntu 20.04, it gets a little tricky with installing packages because it claims one or more don't exist after adding Louis' repository and doing an apt update). Totally separate network from my Zentyal installs, on a ProxMox virtual server, if that makes any difference. I know the admin password, I just removed it from this email, I just cannot figure out why I can't initiate a kticket. I can wipe it and start again, that's not a problem at all. I was just so close... On Fri, Sep 4, 2020, 1:22 AM Rowland penny via samba <samba at lists.samba.org> wrote:> On 04/09/2020 09:11, L.P.H. van Belle via samba wrote: > > I would have added an extra DC.. > > Move FSMO > > Removed old server from AD, > > Cleanup AD. > > > > Install new server with new ip's. > > And Add CNAMEs where needed, > > Move FSMO back. > > Remove extra DC. > > > > ;-) > > > You evidently haven't been following this thread, Peter has been there > and done that, it didn't work ;-) > > I am beginning to hate zentyal :D > > Rowland > > > > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba >