I'm upgrading a 4.14 DC with a second node running 4.16.6.
When trying to set up bind, I get the following error:
# samba_upgradedns --dns-backend=BIND9_DLZ --realm=WDC.DOMAIN.IT
Reading domain information
Traceback (most recent call last):
File "/usr/sbin/samba_upgradedns", line 292, in <module>
names = find_provision_key_parameters(ldbs.sam, ldbs.secrets, ldbs.idmap,
File "/usr/lib/python3/dist-packages/samba/provision/__init__.py",
line 336, in find_provision_key_parameters
dns_admins_sid = get_dnsadmins_sid(samdb, names.domaindn)
File "/usr/lib/python3/dist-packages/samba/provision/sambadns.py",
line 75, in get_dnsadmins_sid
res = samdb.search(base=base_dn, scope=ldb.SCOPE_BASE,
attrs=["objectSid"])
_ldb.LdbError: (32, 'No such Base DN:
CN=DnsAdmins,OU=DOMusers,DC=wdc,DC=domain,DC=it')
I guess this is because I ran "redirusr" to set the default OU? I see
no option for samba_upgradedns to set a custom base DN...
How can I sort this out?
Thanks
smb.conf on the dc2:
[global]
netbios name = DC2
realm = WDC.DOMAIN.IT
server role = active directory domain controller
workgroup = DOM
server services = -dns
[sysvol]
path = /var/lib/samba/sysvol
read only = No
[netlogon]
path = /var/lib/samba/sysvol/wdc.domain.it/scripts
read only = No
--
Lorenzo Milesi - lorenzo.milesi at yetopen.com
CTO @ YetOpen Srl
Corso Martiri della Liberazione 114 - 23900 Lecco - ITALY - | 4801 Glenwood
Avenue - Suite 200 - Raleigh, NC 27612 - USA -
Tel +39 0341 220 205 - info.it at yetopen.com | Phone +1 919-817-8106 - info.us
at yetopen.com
Think green - Non stampare questa e-mail se non necessario / Don't print
this email unless necessary
-------- D.Lgs. 196/2003 e GDPR 679/2016 --------
Tutte le informazioni contenute in questo messaggio sono riservate ed a uso
esclusivo del destinatario.
Tutte le informazioni ivi contenute, compresi eventuali allegati, sono da
ritenere confidenziali e riservate secondo i termini
del vigente D.Lgs. 196/2003 in materia di privacy e del Regolamento europeo
679/2016 - GDPR - e quindi ne e' proibita l'utilizzazione ulteriore non
autorizzata.
Nel caso in cui questo messaggio Le fosse pervenuto per errore, La invitiamo ad
eliminarlo senza copiarlo, stamparlo, a non inoltrarlo a terzi e ad avvertirci
non appena possibile.
Grazie.
Confidentiality notice: this email message including any attachment is for the
sole use of the intended recipient and may contain confidential and privileged
information;
pursuant to Legislative Decree 196/2003 and the European General Data Protection
Regulation 679/2016 - GDPR - any unauthorized review, use, disclosure or
distribution
is prohibited. If you are not the intended recepient please delete this message
without copying, printing or forwarding it to others, and alert us as soon as
possible.
Thank you.
On 03/11/2022 15:49, Lorenzo Milesi via samba wrote:> I'm upgrading a 4.14 DC with a second node running 4.16.6. > > When trying to set up bind, I get the following error: > > # samba_upgradedns --dns-backend=BIND9_DLZ --realm=WDC.DOMAIN.IT > Reading domain information > Traceback (most recent call last): > File "/usr/sbin/samba_upgradedns", line 292, in <module> > names = find_provision_key_parameters(ldbs.sam, ldbs.secrets, ldbs.idmap, > File "/usr/lib/python3/dist-packages/samba/provision/__init__.py", line 336, in find_provision_key_parameters > dns_admins_sid = get_dnsadmins_sid(samdb, names.domaindn) > File "/usr/lib/python3/dist-packages/samba/provision/sambadns.py", line 75, in get_dnsadmins_sid > res = samdb.search(base=base_dn, scope=ldb.SCOPE_BASE, attrs=["objectSid"]) > _ldb.LdbError: (32, 'No such Base DN: CN=DnsAdmins,OU=DOMusers,DC=wdc,DC=domain,DC=it') > > I guess this is because I ran "redirusr" to set the default OU? I see no option for samba_upgradedns to set a custom base DN... > How can I sort this out?The search base is being set with this: base_dn = "CN=DnsAdmins,%s" % samdb.get_wellknown_dn(ldb.Dn(samdb, domaindn), DS_GUID_USERS_CONTAINER) Which appears to be giving this: CN=DnsAdmins,OU=DOMusers,DC=wdc,DC=domain,DC=it Which is where it appears to be failing, is that DN correct or is it here: CN=DnsAdmins,CN=Users,DC=wdc,DC=domain,DC=it Rowland