Olivier MARTIN
2023-May-11 21:50 UTC
[Samba] Usage of '--domain-guid' parameter of 'samba-tool domain provision'
Hello,
I was hoping to reprovision the same domain by specifying the domain
GUID in the command line tool 'samba-tool domain provision' but I am not
sure if I missed something or if there is a bug but the specified domain
GUID is not the one which is created for my domain.
Specifying the domain SID seems to work as I would expect.
I tested it with Samba shipped by Debian 11 (samba2
4.13.13+dfsg-1~deb11u5) and the latest release 'samba-4.18.2'.
*For Samba **4.13.13 packaged by Debian 11:*
1. I provision my domain specifying the domain name, its GUID and SID:
sudo samba-tool domain provision --use-rfc2307 --realm=SAMDOM.DEMO.COM
--domain=samdom --server-role=dc --dns-backend=SAMBA_INTERNAL
--adminpass=D3m0H3l10 --domain-guid=a5291573-906f-467d-9d63-451204bb9abb
--domain-sid=S-1-5-21-1683713074-1702463723-3046006099
Processing section "[sysvol]"
Processing section "[netlogon]"
pm_process() returned Yes
lpcfg_load: refreshing parameters from /etc/samba/smb.conf
Processing section "[global]"
Processing section "[sysvol]"
Processing section "[netlogon]"
pm_process() returned Yes
INFO 2023-05-11 12:57:14,916 pid:46406
/usr/lib/python3/dist-packages/samba/provision/__init__.py #2125: Looking up
IPv4 addresses
added interface lo ip=::1 bcast= netmask=ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff
added interface lo ip=127.0.0.1 bcast=127.255.255.255 netmask=255.0.0.0
added interface eth1 ip=192.168.56.10 bcast=192.168.56.255 netmask=255.255.255.0
INFO 2023-05-11 12:57:14,917 pid:46406
/usr/lib/python3/dist-packages/samba/provision/__init__.py #2142: Looking up
IPv6 addresses
added interface lo ip=::1 bcast= netmask=ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff
added interface lo ip=127.0.0.1 bcast=127.255.255.255 netmask=255.0.0.0
added interface eth1 ip=192.168.56.10 bcast=192.168.56.255 netmask=255.255.255.0
WARNING 2023-05-11 12:57:14,918 pid:46406
/usr/lib/python3/dist-packages/samba/provision/__init__.py #2149: No IPv6
address will be assigned
INFO 2023-05-11 12:57:15,369 pid:46406
/usr/lib/python3/dist-packages/samba/provision/__init__.py #2297: Setting up
secrets.ldb
INFO 2023-05-11 12:57:15,380 pid:46406
/usr/lib/python3/dist-packages/samba/provision/__init__.py #2302: Setting up the
registry
ldb_wrap open of hklm.ldb
INFO 2023-05-11 12:57:15,391 pid:46406
/usr/lib/python3/dist-packages/samba/provision/__init__.py #2305: Setting up the
privileges database
INFO 2023-05-11 12:57:15,407 pid:46406
/usr/lib/python3/dist-packages/samba/provision/__init__.py #2308: Setting up
idmap db
INFO 2023-05-11 12:57:15,420 pid:46406
/usr/lib/python3/dist-packages/samba/provision/__init__.py #2315: Setting up SAM
db
INFO 2023-05-11 12:57:15,424 pid:46406
/usr/lib/python3/dist-packages/samba/provision/__init__.py #898: Setting up
sam.ldb partitions and settings
INFO 2023-05-11 12:57:15,424 pid:46406
/usr/lib/python3/dist-packages/samba/provision/__init__.py #910: Setting up
sam.ldb rootDSE
INFO 2023-05-11 12:57:15,427 pid:46406
/usr/lib/python3/dist-packages/samba/provision/__init__.py #1323: Pre-loading
the Samba 4 and AD schema
partition_metadata: Migrating partition metadata: open of metadata.tdb gave: No
such Base DN: @INDEXLIST
Unable to determine the DomainSID, can not enforce uniqueness constraint on
local domainSIDs
INFO 2023-05-11 12:57:15,451 pid:46406
/usr/lib/python3/dist-packages/samba/provision/__init__.py #1401: Adding
DomainDN: DC=samdom,DC=demo,DC=com
DN: DC=samdom,DC=demo,DC=com is a NC
INFO 2023-05-11 12:57:15,465 pid:46406
/usr/lib/python3/dist-packages/samba/provision/__init__.py #1434: Adding
configuration container
DN: CN=Configuration,DC=samdom,DC=demo,DC=com is a NC
INFO 2023-05-11 12:57:15,482 pid:46406
/usr/lib/python3/dist-packages/samba/provision/__init__.py #1449: Setting up
sam.ldb schema
DN: CN=Schema,CN=Configuration,DC=samdom,DC=demo,DC=com is a NC
INFO 2023-05-11 12:57:19,240 pid:46406
/usr/lib/python3/dist-packages/samba/provision/__init__.py #1467: Setting up
sam.ldb configuration data
INFO 2023-05-11 12:57:19,437 pid:46406
/usr/lib/python3/dist-packages/samba/provision/__init__.py #1508: Setting up
display specifiers
INFO 2023-05-11 12:57:21,878 pid:46406
/usr/lib/python3/dist-packages/samba/provision/__init__.py #1516: Modifying
display specifiers and extended rights
INFO 2023-05-11 12:57:21,935 pid:46406
/usr/lib/python3/dist-packages/samba/provision/__init__.py #1523: Adding users
container
INFO 2023-05-11 12:57:21,939 pid:46406
/usr/lib/python3/dist-packages/samba/provision/__init__.py #1529: Modifying
users container
INFO 2023-05-11 12:57:21,941 pid:46406
/usr/lib/python3/dist-packages/samba/provision/__init__.py #1532: Adding
computers container
INFO 2023-05-11 12:57:21,944 pid:46406
/usr/lib/python3/dist-packages/samba/provision/__init__.py #1538: Modifying
computers container
INFO 2023-05-11 12:57:21,946 pid:46406
/usr/lib/python3/dist-packages/samba/provision/__init__.py #1542: Setting up
sam.ldb data
INFO 2023-05-11 12:57:22,148 pid:46406
/usr/lib/python3/dist-packages/samba/provision/__init__.py #1572: Setting up
well known security principals
INFO 2023-05-11 12:57:22,219 pid:46406
/usr/lib/python3/dist-packages/samba/provision/__init__.py #1586: Setting up
sam.ldb users and groups
INFO 2023-05-11 12:57:22,477 pid:46406
/usr/lib/python3/dist-packages/samba/provision/__init__.py #1594: Setting up
self join
Repacking database from v1 to v2 format (first record
CN=MSMQ-Site-Name,CN=Schema,CN=Configuration,DC=samdom,DC=demo,DC=com)
Repack: re-packed 10000 records so far
Repacking database from v1 to v2 format (first record
CN=mSMQSettings-Display,CN=41F,CN=DisplaySpecifiers,CN=Configuration,DC=samdom,DC=demo,DC=com)
Repacking database from v1 to v2 format (first record
CN=ipsecISAKMPPolicy{72385231-70FA-11D1-864C-14A300000000},CN=IP
Security,CN=System,DC=samdom,DC=demo,DC=com)
lp_load_ex: refreshing parameters
Initialising global parameters
rlimit_max: increasing rlimit_max (1024) to minimum Windows limit (16384)
Processing section "[global]"
doing parameter dns forwarder = 8.8.8.8
doing parameter netbios name = DC1
doing parameter realm = SAMDOM.VM-AUTHAPART-SERVER
doing parameter server role = active directory domain controller
doing parameter workgroup = SAMDOM
doing parameter idmap_ldb:use rfc2307 = yes
doing parameter disable netbios = yes
doing parameter log level = 4auth_json_audit:3@/var/log/samba/samba_audit.log
doing parameter logging = syslog at 4
doing parameter restrict anonymous = 2
doing parameter load printers = no
doing parameter cups options = raw
doing parameter printcap name = /dev/null
doing parameter ldap debug level = 1
ldap_url_parse_ext(ldap://localhost/)
ldap_init: trying /etc/ldap/ldap.conf
ldap_init: HOME env is /root
ldap_init: trying /root/ldaprc
ldap_init: trying /root/.ldaprc
ldap_init: trying ldaprc
ldap_init: LDAPCONF env is NULL
ldap_init: LDAPRC env is NULL
doing parameter bind interfaces only = yes
doing parameter interfaces = lo eth1
doing parameter tls enabled = yes
doing parameter tls keyfile =
/etc/pki/vm-authapart-server/ca/service-ca/private/ad_dc.key
doing parameter tls certfile =
/etc/pki/vm-authapart-server/ca/service-ca/ad_dc.crt
doing parameter tls cafile =
/etc/pki/vm-authapart-server/ca/labapart-services-ca-chain.crt
doing parameter tls crlfile =
/etc/pki/vm-authapart-server/ca/service-ca/services.crl
doing parameter tls dhparams file =
/etc/pki/vm-authapart-server/ad_dc_dhparams.pem
Processing section "[sysvol]"
doing parameter path = /var/lib/samba/sysvol
doing parameter read only = No
Processing section "[netlogon]"
doing parameter path = /var/lib/samba/sysvol/samdom.vm-authapart-server/scripts
doing parameter read only = No
pm_process() returned Yes
Initialising default vfs hooks
Initialising custom vfs hooks from [/[Default VFS]/]
Initialising custom vfs hooks from [acl_xattr]
load_module_absolute_path: Module
'/usr/lib/x86_64-linux-gnu/samba/vfs/acl_xattr.so' loaded
Initialising custom vfs hooks from [dfs_samba4]
load_module_absolute_path: Module
'/usr/lib/x86_64-linux-gnu/samba/vfs/dfs_samba4.so' loaded
connect_acl_xattr: setting 'inherit acls = true' 'dos filemode =
true' and 'force unknown acl user = true' for service Unknown
Service (snum == -1)
vfs_ChDir to /usr/lib/python3/dist-packages/samba
Initialising default vfs hooks
Initialising custom vfs hooks from [/[Default VFS]/]
Initialising custom vfs hooks from [acl_xattr]
Initialising custom vfs hooks from [dfs_samba4]
connect_acl_xattr: setting 'inherit acls = true' 'dos filemode =
true' and 'force unknown acl user = true' for service Unknown
Service (snum == -1)
lp_load_ex: refreshing parameters
Processing section "[global]"
doing parameter dns forwarder = 8.8.8.8
doing parameter netbios name = DC1
doing parameter realm = SAMDOM.VM-AUTHAPART-SERVER
doing parameter server role = active directory domain controller
doing parameter workgroup = SAMDOM
doing parameter idmap_ldb:use rfc2307 = yes
doing parameter disable netbios = yes
doing parameter log level = 4auth_json_audit:3@/var/log/samba/samba_audit.log
doing parameter logging = syslog at 4
doing parameter restrict anonymous = 2
doing parameter load printers = no
doing parameter cups options = raw
doing parameter printcap name = /dev/null
doing parameter ldap debug level = 1
doing parameter bind interfaces only = yes
doing parameter interfaces = lo eth1
doing parameter tls enabled = yes
doing parameter tls keyfile =
/etc/pki/vm-authapart-server/ca/service-ca/private/ad_dc.key
doing parameter tls certfile =
/etc/pki/vm-authapart-server/ca/service-ca/ad_dc.crt
doing parameter tls cafile =
/etc/pki/vm-authapart-server/ca/labapart-services-ca-chain.crt
doing parameter tls crlfile =
/etc/pki/vm-authapart-server/ca/service-ca/services.crl
doing parameter tls dhparams file =
/etc/pki/vm-authapart-server/ad_dc_dhparams.pem
Processing section "[sysvol]"
doing parameter path = /var/lib/samba/sysvol
doing parameter read only = No
Processing section "[netlogon]"
doing parameter path = /var/lib/samba/sysvol/samdom.vm-authapart-server/scripts
doing parameter read only = No
pm_process() returned Yes
ldb_wrap open of idmap.ldb
ldb_wrap open of idmap.ldb
Initialising default vfs hooks
Initialising custom vfs hooks from [/[Default VFS]/]
Initialising custom vfs hooks from [acl_xattr]
Initialising custom vfs hooks from [dfs_samba4]
connect_acl_xattr: setting 'inherit acls = true' 'dos filemode =
true' and 'force unknown acl user = true' for service sysvol
unpack_nt_owners: owner sid mapped to uid 3000030
unpack_nt_owners: group sid mapped to gid 3000000
set_nt_acl: chown /var/lib/samba/sysvol. uid = 3000030, gid = 3000000.
Initialising default vfs hooks
Initialising custom vfs hooks from [/[Default VFS]/]
Initialising custom vfs hooks from [acl_xattr]
Initialising custom vfs hooks from [dfs_samba4]
connect_acl_xattr: setting 'inherit acls = true' 'dos filemode =
true' and 'force unknown acl user = true' for service sysvol
unpack_nt_owners: owner sid mapped to uid 3000030
unpack_nt_owners: group sid mapped to gid 3000000
set_nt_acl: chown
/var/lib/samba/sysvol/samdom.demo.com/Policies/{6AC1786C-016F-11D2-945F-00C04FB984F9}/GPT.INI.
uid = 3000030, gid = 3000000.
Initialising default vfs hooks
Initialising custom vfs hooks from [/[Default VFS]/]
Initialising custom vfs hooks from [acl_xattr]
Initialising custom vfs hooks from [dfs_samba4]
connect_acl_xattr: setting 'inherit acls = true' 'dos filemode =
true' and 'force unknown acl user = true' for service sysvol
unpack_nt_owners: owner sid mapped to uid 3000030
unpack_nt_owners: group sid mapped to gid 3000000
set_nt_acl: chown
/var/lib/samba/sysvol/samdom.demo.com/Policies/{6AC1786C-016F-11D2-945F-00C04FB984F9}/USER.
uid = 3000030, gid = 3000000.
Initialising default vfs hooks
Initialising custom vfs hooks from [/[Default VFS]/]
Initialising custom vfs hooks from [acl_xattr]
Initialising custom vfs hooks from [dfs_samba4]
connect_acl_xattr: setting 'inherit acls = true' 'dos filemode =
true' and 'force unknown acl user = true' for service sysvol
unpack_nt_owners: owner sid mapped to uid 3000030
unpack_nt_owners: group sid mapped to gid 3000000
set_nt_acl: chown
/var/lib/samba/sysvol/samdom.demo.com/Policies/{6AC1786C-016F-11D2-945F-00C04FB984F9}/MACHINE.
uid = 3000030, gid = 3000000.
Initialising default vfs hooks
Initialising custom vfs hooks from [/[Default VFS]/]
Initialising custom vfs hooks from [acl_xattr]
Initialising custom vfs hooks from [dfs_samba4]
connect_acl_xattr: setting 'inherit acls = true' 'dos filemode =
true' and 'force unknown acl user = true' for service sysvol
unpack_nt_owners: owner sid mapped to uid 3000030
unpack_nt_owners: group sid mapped to gid 3000000
set_nt_acl: chown
/var/lib/samba/sysvol/samdom.demo.com/Policies/{31B2F340-016D-11D2-945F-00C04FB984F9}/GPT.INI.
uid = 3000030, gid = 3000000.
Initialising default vfs hooks
Initialising custom vfs hooks from [/[Default VFS]/]
Initialising custom vfs hooks from [acl_xattr]
Initialising custom vfs hooks from [dfs_samba4]
connect_acl_xattr: setting 'inherit acls = true' 'dos filemode =
true' and 'force unknown acl user = true' for service sysvol
unpack_nt_owners: owner sid mapped to uid 3000030
unpack_nt_owners: group sid mapped to gid 3000000
set_nt_acl: chown
/var/lib/samba/sysvol/samdom.demo.com/Policies/{31B2F340-016D-11D2-945F-00C04FB984F9}/USER.
uid = 3000030, gid = 3000000.
Initialising default vfs hooks
Initialising custom vfs hooks from [/[Default VFS]/]
Initialising custom vfs hooks from [acl_xattr]
Initialising custom vfs hooks from [dfs_samba4]
connect_acl_xattr: setting 'inherit acls = true' 'dos filemode =
true' and 'force unknown acl user = true' for service sysvol
unpack_nt_owners: owner sid mapped to uid 3000030
unpack_nt_owners: group sid mapped to gid 3000000
set_nt_acl: chown
/var/lib/samba/sysvol/samdom.demo.com/Policies/{31B2F340-016D-11D2-945F-00C04FB984F9}/MACHINE.
uid = 3000030, gid = 3000000.
Initialising default vfs hooks
Initialising custom vfs hooks from [/[Default VFS]/]
Initialising custom vfs hooks from [acl_xattr]
Initialising custom vfs hooks from [dfs_samba4]
connect_acl_xattr: setting 'inherit acls = true' 'dos filemode =
true' and 'force unknown acl user = true' for service sysvol
unpack_nt_owners: owner sid mapped to uid 3000030
unpack_nt_owners: group sid mapped to gid 3000000
set_nt_acl: chown
/var/lib/samba/sysvol/samdom.demo.com/Policies/{6AC1786C-016F-11D2-945F-00C04FB984F9}.
uid = 3000030, gid = 3000000.
Initialising default vfs hooks
Initialising custom vfs hooks from [/[Default VFS]/]
Initialising custom vfs hooks from [acl_xattr]
Initialising custom vfs hooks from [dfs_samba4]
connect_acl_xattr: setting 'inherit acls = true' 'dos filemode =
true' and 'force unknown acl user = true' for service sysvol
unpack_nt_owners: owner sid mapped to uid 3000030
unpack_nt_owners: group sid mapped to gid 3000000
set_nt_acl: chown
/var/lib/samba/sysvol/samdom.demo.com/Policies/{31B2F340-016D-11D2-945F-00C04FB984F9}.
uid = 3000030, gid = 3000000.
Initialising default vfs hooks
Initialising custom vfs hooks from [/[Default VFS]/]
Initialising custom vfs hooks from [acl_xattr]
Initialising custom vfs hooks from [dfs_samba4]
connect_acl_xattr: setting 'inherit acls = true' 'dos filemode =
true' and 'force unknown acl user = true' for service sysvol
unpack_nt_owners: owner sid mapped to uid 3000030
unpack_nt_owners: group sid mapped to gid 3000000
set_nt_acl: chown /var/lib/samba/sysvol/samdom.demo.com/Policies. uid = 3000030,
gid = 3000000.
Initialising default vfs hooks
Initialising custom vfs hooks from [/[Default VFS]/]
Initialising custom vfs hooks from [acl_xattr]
Initialising custom vfs hooks from [dfs_samba4]
connect_acl_xattr: setting 'inherit acls = true' 'dos filemode =
true' and 'force unknown acl user = true' for service sysvol
unpack_nt_owners: owner sid mapped to uid 3000030
unpack_nt_owners: group sid mapped to gid 3000000
set_nt_acl: chown
/var/lib/samba/sysvol/samdom.lapluie/Policies/{6AC1786C-016F-11D2-945F-00C04FB984F9}/GPT.INI.
uid = 3000030, gid = 3000000.
Initialising default vfs hooks
Initialising custom vfs hooks from [/[Default VFS]/]
Initialising custom vfs hooks from [acl_xattr]
Initialising custom vfs hooks from [dfs_samba4]
connect_acl_xattr: setting 'inherit acls = true' 'dos filemode =
true' and 'force unknown acl user = true' for service sysvol
unpack_nt_owners: owner sid mapped to uid 3000030
unpack_nt_owners: group sid mapped to gid 3000000
set_nt_acl: chown
/var/lib/samba/sysvol/samdom.lapluie/Policies/{6AC1786C-016F-11D2-945F-00C04FB984F9}/USER.
uid = 3000030, gid = 3000000.
Initialising default vfs hooks
Initialising custom vfs hooks from [/[Default VFS]/]
Initialising custom vfs hooks from [acl_xattr]
Initialising custom vfs hooks from [dfs_samba4]
connect_acl_xattr: setting 'inherit acls = true' 'dos filemode =
true' and 'force unknown acl user = true' for service sysvol
unpack_nt_owners: owner sid mapped to uid 3000030
unpack_nt_owners: group sid mapped to gid 3000000
set_nt_acl: chown
/var/lib/samba/sysvol/samdom.lapluie/Policies/{6AC1786C-016F-11D2-945F-00C04FB984F9}/MACHINE.
uid = 3000030, gid = 3000000.
Initialising default vfs hooks
Initialising custom vfs hooks from [/[Default VFS]/]
Initialising custom vfs hooks from [acl_xattr]
Initialising custom vfs hooks from [dfs_samba4]
connect_acl_xattr: setting 'inherit acls = true' 'dos filemode =
true' and 'force unknown acl user = true' for service sysvol
unpack_nt_owners: owner sid mapped to uid 3000030
unpack_nt_owners: group sid mapped to gid 3000000
set_nt_acl: chown
/var/lib/samba/sysvol/samdom.lapluie/Policies/{31B2F340-016D-11D2-945F-00C04FB984F9}/GPT.INI.
uid = 3000030, gid = 3000000.
Initialising default vfs hooks
Initialising custom vfs hooks from [/[Default VFS]/]
Initialising custom vfs hooks from [acl_xattr]
Initialising custom vfs hooks from [dfs_samba4]
connect_acl_xattr: setting 'inherit acls = true' 'dos filemode =
true' and 'force unknown acl user = true' for service sysvol
unpack_nt_owners: owner sid mapped to uid 3000030
unpack_nt_owners: group sid mapped to gid 3000000
set_nt_acl: chown
/var/lib/samba/sysvol/samdom.lapluie/Policies/{31B2F340-016D-11D2-945F-00C04FB984F9}/USER.
uid = 3000030, gid = 3000000.
Initialising default vfs hooks
Initialising custom vfs hooks from [/[Default VFS]/]
Initialising custom vfs hooks from [acl_xattr]
Initialising custom vfs hooks from [dfs_samba4]
connect_acl_xattr: setting 'inherit acls = true' 'dos filemode =
true' and 'force unknown acl user = true' for service sysvol
unpack_nt_owners: owner sid mapped to uid 3000030
unpack_nt_owners: group sid mapped to gid 3000000
set_nt_acl: chown
/var/lib/samba/sysvol/samdom.lapluie/Policies/{31B2F340-016D-11D2-945F-00C04FB984F9}/MACHINE.
uid = 3000030, gid = 3000000.
Initialising default vfs hooks
Initialising custom vfs hooks from [/[Default VFS]/]
Initialising custom vfs hooks from [acl_xattr]
Initialising custom vfs hooks from [dfs_samba4]
connect_acl_xattr: setting 'inherit acls = true' 'dos filemode =
true' and 'force unknown acl user = true' for service sysvol
unpack_nt_owners: owner sid mapped to uid 3000030
unpack_nt_owners: group sid mapped to gid 3000000
set_nt_acl: chown
/var/lib/samba/sysvol/samdom.lapluie/Policies/{6AC1786C-016F-11D2-945F-00C04FB984F9}.
uid = 3000030, gid = 3000000.
Initialising default vfs hooks
Initialising custom vfs hooks from [/[Default VFS]/]
Initialising custom vfs hooks from [acl_xattr]
Initialising custom vfs hooks from [dfs_samba4]
connect_acl_xattr: setting 'inherit acls = true' 'dos filemode =
true' and 'force unknown acl user = true' for service sysvol
unpack_nt_owners: owner sid mapped to uid 3000030
unpack_nt_owners: group sid mapped to gid 3000000
set_nt_acl: chown
/var/lib/samba/sysvol/samdom.lapluie/Policies/{31B2F340-016D-11D2-945F-00C04FB984F9}.
uid = 3000030, gid = 3000000.
Initialising default vfs hooks
Initialising custom vfs hooks from [/[Default VFS]/]
Initialising custom vfs hooks from [acl_xattr]
Initialising custom vfs hooks from [dfs_samba4]
connect_acl_xattr: setting 'inherit acls = true' 'dos filemode =
true' and 'force unknown acl user = true' for service sysvol
unpack_nt_owners: owner sid mapped to uid 3000030
unpack_nt_owners: group sid mapped to gid 3000000
set_nt_acl: chown /var/lib/samba/sysvol/samdom.lapluie/Policies. uid = 3000030,
gid = 3000000.
Initialising default vfs hooks
Initialising custom vfs hooks from [/[Default VFS]/]
Initialising custom vfs hooks from [acl_xattr]
Initialising custom vfs hooks from [dfs_samba4]
connect_acl_xattr: setting 'inherit acls = true' 'dos filemode =
true' and 'force unknown acl user = true' for service sysvol
unpack_nt_owners: owner sid mapped to uid 3000030
unpack_nt_owners: group sid mapped to gid 3000000
set_nt_acl: chown
/var/lib/samba/sysvol/samdom.codeur.org/Policies/{6AC1786C-016F-11D2-945F-00C04FB984F9}/GPT.INI.
uid = 3000030, gid = 3000000.
Initialising default vfs hooks
Initialising custom vfs hooks from [/[Default VFS]/]
Initialising custom vfs hooks from [acl_xattr]
Initialising custom vfs hooks from [dfs_samba4]
connect_acl_xattr: setting 'inherit acls = true' 'dos filemode =
true' and 'force unknown acl user = true' for service sysvol
unpack_nt_owners: owner sid mapped to uid 3000030
unpack_nt_owners: group sid mapped to gid 3000000
set_nt_acl: chown
/var/lib/samba/sysvol/samdom.codeur.org/Policies/{6AC1786C-016F-11D2-945F-00C04FB984F9}/USER.
uid = 3000030, gid = 3000000.
Initialising default vfs hooks
Initialising custom vfs hooks from [/[Default VFS]/]
Initialising custom vfs hooks from [acl_xattr]
Initialising custom vfs hooks from [dfs_samba4]
connect_acl_xattr: setting 'inherit acls = true' 'dos filemode =
true' and 'force unknown acl user = true' for service sysvol
unpack_nt_owners: owner sid mapped to uid 3000030
unpack_nt_owners: group sid mapped to gid 3000000
set_nt_acl: chown
/var/lib/samba/sysvol/samdom.codeur.org/Policies/{6AC1786C-016F-11D2-945F-00C04FB984F9}/MACHINE.
uid = 3000030, gid = 3000000.
Initialising default vfs hooks
Initialising custom vfs hooks from [/[Default VFS]/]
Initialising custom vfs hooks from [acl_xattr]
Initialising custom vfs hooks from [dfs_samba4]
connect_acl_xattr: setting 'inherit acls = true' 'dos filemode =
true' and 'force unknown acl user = true' for service sysvol
unpack_nt_owners: owner sid mapped to uid 3000030
unpack_nt_owners: group sid mapped to gid 3000000
set_nt_acl: chown
/var/lib/samba/sysvol/samdom.codeur.org/Policies/{31B2F340-016D-11D2-945F-00C04FB984F9}/GPT.INI.
uid = 3000030, gid = 3000000.
Initialising default vfs hooks
Initialising custom vfs hooks from [/[Default VFS]/]
Initialising custom vfs hooks from [acl_xattr]
Initialising custom vfs hooks from [dfs_samba4]
connect_acl_xattr: setting 'inherit acls = true' 'dos filemode =
true' and 'force unknown acl user = true' for service sysvol
unpack_nt_owners: owner sid mapped to uid 3000030
unpack_nt_owners: group sid mapped to gid 3000000
set_nt_acl: chown
/var/lib/samba/sysvol/samdom.codeur.org/Policies/{31B2F340-016D-11D2-945F-00C04FB984F9}/USER.
uid = 3000030, gid = 3000000.
Initialising default vfs hooks
Initialising custom vfs hooks from [/[Default VFS]/]
Initialising custom vfs hooks from [acl_xattr]
Initialising custom vfs hooks from [dfs_samba4]
connect_acl_xattr: setting 'inherit acls = true' 'dos filemode =
true' and 'force unknown acl user = true' for service sysvol
unpack_nt_owners: owner sid mapped to uid 3000030
unpack_nt_owners: group sid mapped to gid 3000000
set_nt_acl: chown
/var/lib/samba/sysvol/samdom.codeur.org/Policies/{31B2F340-016D-11D2-945F-00C04FB984F9}/MACHINE.
uid = 3000030, gid = 3000000.
Initialising default vfs hooks
Initialising custom vfs hooks from [/[Default VFS]/]
Initialising custom vfs hooks from [acl_xattr]
Initialising custom vfs hooks from [dfs_samba4]
connect_acl_xattr: setting 'inherit acls = true' 'dos filemode =
true' and 'force unknown acl user = true' for service sysvol
unpack_nt_owners: owner sid mapped to uid 3000030
unpack_nt_owners: group sid mapped to gid 3000000
set_nt_acl: chown
/var/lib/samba/sysvol/samdom.codeur.org/Policies/{6AC1786C-016F-11D2-945F-00C04FB984F9}.
uid = 3000030, gid = 3000000.
Initialising default vfs hooks
Initialising custom vfs hooks from [/[Default VFS]/]
Initialising custom vfs hooks from [acl_xattr]
Initialising custom vfs hooks from [dfs_samba4]
connect_acl_xattr: setting 'inherit acls = true' 'dos filemode =
true' and 'force unknown acl user = true' for service sysvol
unpack_nt_owners: owner sid mapped to uid 3000030
unpack_nt_owners: group sid mapped to gid 3000000
set_nt_acl: chown
/var/lib/samba/sysvol/samdom.codeur.org/Policies/{31B2F340-016D-11D2-945F-00C04FB984F9}.
uid = 3000030, gid = 3000000.
Initialising default vfs hooks
Initialising custom vfs hooks from [/[Default VFS]/]
Initialising custom vfs hooks from [acl_xattr]
Initialising custom vfs hooks from [dfs_samba4]
connect_acl_xattr: setting 'inherit acls = true' 'dos filemode =
true' and 'force unknown acl user = true' for service sysvol
unpack_nt_owners: owner sid mapped to uid 3000030
unpack_nt_owners: group sid mapped to gid 3000000
set_nt_acl: chown /var/lib/samba/sysvol/samdom.codeur.org/Policies. uid =
3000030, gid = 3000000.
Initialising default vfs hooks
Initialising custom vfs hooks from [/[Default VFS]/]
Initialising custom vfs hooks from [acl_xattr]
Initialising custom vfs hooks from [dfs_samba4]
connect_acl_xattr: setting 'inherit acls = true' 'dos filemode =
true' and 'force unknown acl user = true' for service sysvol
unpack_nt_owners: owner sid mapped to uid 3000030
unpack_nt_owners: group sid mapped to gid 3000000
set_nt_acl: chown
/var/lib/samba/sysvol/samdom.vm-authapart-server/Policies/{6AC1786C-016F-11D2-945F-00C04FB984F9}/GPT.INI.
uid = 3000030, gid = 3000000.
Initialising default vfs hooks
Initialising custom vfs hooks from [/[Default VFS]/]
Initialising custom vfs hooks from [acl_xattr]
Initialising custom vfs hooks from [dfs_samba4]
connect_acl_xattr: setting 'inherit acls = true' 'dos filemode =
true' and 'force unknown acl user = true' for service sysvol
unpack_nt_owners: owner sid mapped to uid 3000030
unpack_nt_owners: group sid mapped to gid 3000000
set_nt_acl: chown
/var/lib/samba/sysvol/samdom.vm-authapart-server/Policies/{6AC1786C-016F-11D2-945F-00C04FB984F9}/USER.
uid = 3000030, gid = 3000000.
Initialising default vfs hooks
Initialising custom vfs hooks from [/[Default VFS]/]
Initialising custom vfs hooks from [acl_xattr]
Initialising custom vfs hooks from [dfs_samba4]
connect_acl_xattr: setting 'inherit acls = true' 'dos filemode =
true' and 'force unknown acl user = true' for service sysvol
unpack_nt_owners: owner sid mapped to uid 3000030
unpack_nt_owners: group sid mapped to gid 3000000
set_nt_acl: chown
/var/lib/samba/sysvol/samdom.vm-authapart-server/Policies/{6AC1786C-016F-11D2-945F-00C04FB984F9}/MACHINE.
uid = 3000030, gid = 3000000.
Initialising default vfs hooks
Initialising custom vfs hooks from [/[Default VFS]/]
Initialising custom vfs hooks from [acl_xattr]
Initialising custom vfs hooks from [dfs_samba4]
connect_acl_xattr: setting 'inherit acls = true' 'dos filemode =
true' and 'force unknown acl user = true' for service sysvol
unpack_nt_owners: owner sid mapped to uid 3000030
unpack_nt_owners: group sid mapped to gid 3000000
set_nt_acl: chown
/var/lib/samba/sysvol/samdom.vm-authapart-server/Policies/{31B2F340-016D-11D2-945F-00C04FB984F9}/GPT.INI.
uid = 3000030, gid = 3000000.
Initialising default vfs hooks
Initialising custom vfs hooks from [/[Default VFS]/]
Initialising custom vfs hooks from [acl_xattr]
Initialising custom vfs hooks from [dfs_samba4]
connect_acl_xattr: setting 'inherit acls = true' 'dos filemode =
true' and 'force unknown acl user = true' for service sysvol
unpack_nt_owners: owner sid mapped to uid 3000030
unpack_nt_owners: group sid mapped to gid 3000000
set_nt_acl: chown
/var/lib/samba/sysvol/samdom.vm-authapart-server/Policies/{31B2F340-016D-11D2-945F-00C04FB984F9}/USER.
uid = 3000030, gid = 3000000.
Initialising default vfs hooks
Initialising custom vfs hooks from [/[Default VFS]/]
Initialising custom vfs hooks from [acl_xattr]
Initialising custom vfs hooks from [dfs_samba4]
connect_acl_xattr: setting 'inherit acls = true' 'dos filemode =
true' and 'force unknown acl user = true' for service sysvol
unpack_nt_owners: owner sid mapped to uid 3000030
unpack_nt_owners: group sid mapped to gid 3000000
set_nt_acl: chown
/var/lib/samba/sysvol/samdom.vm-authapart-server/Policies/{31B2F340-016D-11D2-945F-00C04FB984F9}/MACHINE.
uid = 3000030, gid = 3000000.
Initialising default vfs hooks
Initialising custom vfs hooks from [/[Default VFS]/]
Initialising custom vfs hooks from [acl_xattr]
Initialising custom vfs hooks from [dfs_samba4]
connect_acl_xattr: setting 'inherit acls = true' 'dos filemode =
true' and 'force unknown acl user = true' for service sysvol
unpack_nt_owners: owner sid mapped to uid 3000030
unpack_nt_owners: group sid mapped to gid 3000000
set_nt_acl: chown
/var/lib/samba/sysvol/samdom.vm-authapart-server/Policies/{6AC1786C-016F-11D2-945F-00C04FB984F9}.
uid = 3000030, gid = 3000000.
Initialising default vfs hooks
Initialising custom vfs hooks from [/[Default VFS]/]
Initialising custom vfs hooks from [acl_xattr]
Initialising custom vfs hooks from [dfs_samba4]
connect_acl_xattr: setting 'inherit acls = true' 'dos filemode =
true' and 'force unknown acl user = true' for service sysvol
unpack_nt_owners: owner sid mapped to uid 3000030
unpack_nt_owners: group sid mapped to gid 3000000
set_nt_acl: chown
/var/lib/samba/sysvol/samdom.vm-authapart-server/Policies/{31B2F340-016D-11D2-945F-00C04FB984F9}.
uid = 3000030, gid = 3000000.
Initialising default vfs hooks
Initialising custom vfs hooks from [/[Default VFS]/]
Initialising custom vfs hooks from [acl_xattr]
Initialising custom vfs hooks from [dfs_samba4]
connect_acl_xattr: setting 'inherit acls = true' 'dos filemode =
true' and 'force unknown acl user = true' for service sysvol
unpack_nt_owners: owner sid mapped to uid 3000030
unpack_nt_owners: group sid mapped to gid 3000000
set_nt_acl: chown /var/lib/samba/sysvol/samdom.vm-authapart-server/scripts. uid
= 3000030, gid = 3000000.
Initialising default vfs hooks
Initialising custom vfs hooks from [/[Default VFS]/]
Initialising custom vfs hooks from [acl_xattr]
Initialising custom vfs hooks from [dfs_samba4]
connect_acl_xattr: setting 'inherit acls = true' 'dos filemode =
true' and 'force unknown acl user = true' for service sysvol
unpack_nt_owners: owner sid mapped to uid 3000030
unpack_nt_owners: group sid mapped to gid 3000000
set_nt_acl: chown /var/lib/samba/sysvol/samdom.vm-authapart-server/Policies. uid
= 3000030, gid = 3000000.
Initialising default vfs hooks
Initialising custom vfs hooks from [/[Default VFS]/]
Initialising custom vfs hooks from [acl_xattr]
Initialising custom vfs hooks from [dfs_samba4]
connect_acl_xattr: setting 'inherit acls = true' 'dos filemode =
true' and 'force unknown acl user = true' for service sysvol
unpack_nt_owners: owner sid mapped to uid 3000030
unpack_nt_owners: group sid mapped to gid 3000000
set_nt_acl: chown /var/lib/samba/sysvol/samdom.demo.com. uid = 3000030, gid =
3000000.
Initialising default vfs hooks
Initialising custom vfs hooks from [/[Default VFS]/]
Initialising custom vfs hooks from [acl_xattr]
Initialising custom vfs hooks from [dfs_samba4]
connect_acl_xattr: setting 'inherit acls = true' 'dos filemode =
true' and 'force unknown acl user = true' for service sysvol
unpack_nt_owners: owner sid mapped to uid 3000030
unpack_nt_owners: group sid mapped to gid 3000000
set_nt_acl: chown /var/lib/samba/sysvol/samdom.lapluie. uid = 3000030, gid =
3000000.
Initialising default vfs hooks
Initialising custom vfs hooks from [/[Default VFS]/]
Initialising custom vfs hooks from [acl_xattr]
Initialising custom vfs hooks from [dfs_samba4]
connect_acl_xattr: setting 'inherit acls = true' 'dos filemode =
true' and 'force unknown acl user = true' for service sysvol
unpack_nt_owners: owner sid mapped to uid 3000030
unpack_nt_owners: group sid mapped to gid 3000000
set_nt_acl: chown /var/lib/samba/sysvol/samdom.codeur.org. uid = 3000030, gid =
3000000.
Initialising default vfs hooks
Initialising custom vfs hooks from [/[Default VFS]/]
Initialising custom vfs hooks from [acl_xattr]
Initialising custom vfs hooks from [dfs_samba4]
connect_acl_xattr: setting 'inherit acls = true' 'dos filemode =
true' and 'force unknown acl user = true' for service sysvol
unpack_nt_owners: owner sid mapped to uid 3000030
unpack_nt_owners: group sid mapped to gid 3000000
set_nt_acl: chown /var/lib/samba/sysvol/samdom.vm-authapart-server. uid =
3000030, gid = 3000000.
Initialising default vfs hooks
Initialising custom vfs hooks from [/[Default VFS]/]
Initialising custom vfs hooks from [acl_xattr]
Initialising custom vfs hooks from [dfs_samba4]
connect_acl_xattr: setting 'inherit acls = true' 'dos filemode =
true' and 'force unknown acl user = true' for service sysvol
unpack_nt_owners: owner sid mapped to uid 3000030
unpack_nt_owners: group sid mapped to gid 3000000
Initialising default vfs hooks
Initialising custom vfs hooks from [/[Default VFS]/]
Initialising custom vfs hooks from [acl_xattr]
Initialising custom vfs hooks from [dfs_samba4]
connect_acl_xattr: setting 'inherit acls = true' 'dos filemode =
true' and 'force unknown acl user = true' for service sysvol
unpack_nt_owners: owner sid mapped to uid 3000032
unpack_nt_owners: group sid mapped to gid 3000032
set_nt_acl: chown
/var/lib/samba/sysvol/samdom.demo.com/Policies/{6AC1786C-016F-11D2-945F-00C04FB984F9}.
uid = 3000032, gid = 3000032.
Initialising default vfs hooks
Initialising custom vfs hooks from [/[Default VFS]/]
Initialising custom vfs hooks from [acl_xattr]
Initialising custom vfs hooks from [dfs_samba4]
connect_acl_xattr: setting 'inherit acls = true' 'dos filemode =
true' and 'force unknown acl user = true' for service sysvol
unpack_nt_owners: owner sid mapped to uid 3000032
unpack_nt_owners: group sid mapped to gid 3000032
set_nt_acl: chown
/var/lib/samba/sysvol/samdom.demo.com/Policies/{6AC1786C-016F-11D2-945F-00C04FB984F9}/GPT.INI.
uid = 3000032, gid = 3000032.
Initialising default vfs hooks
Initialising custom vfs hooks from [/[Default VFS]/]
Initialising custom vfs hooks from [acl_xattr]
Initialising custom vfs hooks from [dfs_samba4]
connect_acl_xattr: setting 'inherit acls = true' 'dos filemode =
true' and 'force unknown acl user = true' for service sysvol
unpack_nt_owners: owner sid mapped to uid 3000032
unpack_nt_owners: group sid mapped to gid 3000032
set_nt_acl: chown
/var/lib/samba/sysvol/samdom.demo.com/Policies/{6AC1786C-016F-11D2-945F-00C04FB984F9}/USER.
uid = 3000032, gid = 3000032.
Initialising default vfs hooks
Initialising custom vfs hooks from [/[Default VFS]/]
Initialising custom vfs hooks from [acl_xattr]
Initialising custom vfs hooks from [dfs_samba4]
connect_acl_xattr: setting 'inherit acls = true' 'dos filemode =
true' and 'force unknown acl user = true' for service sysvol
unpack_nt_owners: owner sid mapped to uid 3000032
unpack_nt_owners: group sid mapped to gid 3000032
set_nt_acl: chown
/var/lib/samba/sysvol/samdom.demo.com/Policies/{6AC1786C-016F-11D2-945F-00C04FB984F9}/MACHINE.
uid = 3000032, gid = 3000032.
Initialising default vfs hooks
Initialising custom vfs hooks from [/[Default VFS]/]
Initialising custom vfs hooks from [acl_xattr]
Initialising custom vfs hooks from [dfs_samba4]
connect_acl_xattr: setting 'inherit acls = true' 'dos filemode =
true' and 'force unknown acl user = true' for service sysvol
unpack_nt_owners: owner sid mapped to uid 3000032
unpack_nt_owners: group sid mapped to gid 3000032
set_nt_acl: chown
/var/lib/samba/sysvol/samdom.demo.com/Policies/{31B2F340-016D-11D2-945F-00C04FB984F9}.
uid = 3000032, gid = 3000032.
Initialising default vfs hooks
Initialising custom vfs hooks from [/[Default VFS]/]
Initialising custom vfs hooks from [acl_xattr]
Initialising custom vfs hooks from [dfs_samba4]
connect_acl_xattr: setting 'inherit acls = true' 'dos filemode =
true' and 'force unknown acl user = true' for service sysvol
unpack_nt_owners: owner sid mapped to uid 3000032
unpack_nt_owners: group sid mapped to gid 3000032
set_nt_acl: chown
/var/lib/samba/sysvol/samdom.demo.com/Policies/{31B2F340-016D-11D2-945F-00C04FB984F9}/GPT.INI.
uid = 3000032, gid = 3000032.
Initialising default vfs hooks
Initialising custom vfs hooks from [/[Default VFS]/]
Initialising custom vfs hooks from [acl_xattr]
Initialising custom vfs hooks from [dfs_samba4]
connect_acl_xattr: setting 'inherit acls = true' 'dos filemode =
true' and 'force unknown acl user = true' for service sysvol
unpack_nt_owners: owner sid mapped to uid 3000032
unpack_nt_owners: group sid mapped to gid 3000032
set_nt_acl: chown
/var/lib/samba/sysvol/samdom.demo.com/Policies/{31B2F340-016D-11D2-945F-00C04FB984F9}/USER.
uid = 3000032, gid = 3000032.
Initialising default vfs hooks
Initialising custom vfs hooks from [/[Default VFS]/]
Initialising custom vfs hooks from [acl_xattr]
Initialising custom vfs hooks from [dfs_samba4]
connect_acl_xattr: setting 'inherit acls = true' 'dos filemode =
true' and 'force unknown acl user = true' for service sysvol
unpack_nt_owners: owner sid mapped to uid 3000032
unpack_nt_owners: group sid mapped to gid 3000032
set_nt_acl: chown
/var/lib/samba/sysvol/samdom.demo.com/Policies/{31B2F340-016D-11D2-945F-00C04FB984F9}/MACHINE.
uid = 3000032, gid = 3000032.
INFO 2023-05-11 12:57:25,083 pid:46406
/usr/lib/python3/dist-packages/samba/provision/sambadns.py #1143: Adding DNS
accounts
INFO 2023-05-11 12:57:25,106 pid:46406
/usr/lib/python3/dist-packages/samba/provision/sambadns.py #1177: Creating
CN=MicrosoftDNS,CN=System,DC=samdom,DC=demo,DC=com
INFO 2023-05-11 12:57:25,139 pid:46406
/usr/lib/python3/dist-packages/samba/provision/sambadns.py #1190: Creating
DomainDnsZones and ForestDnsZones partitions
DN: DC=DomainDnsZones,DC=samdom,DC=demo,DC=com is a NC
DN: DC=ForestDnsZones,DC=samdom,DC=demo,DC=com is a NC
INFO 2023-05-11 12:57:25,216 pid:46406
/usr/lib/python3/dist-packages/samba/provision/sambadns.py #1195: Populating
DomainDnsZones and ForestDnsZones partitions
Repacking database from v1 to v2 format (first record
DC=RootDNSServers,CN=MicrosoftDNS,DC=DomainDnsZones,DC=samdom,DC=demo,DC=com)
Repacking database from v1 to v2 format (first record
CN=MicrosoftDNS,DC=ForestDnsZones,DC=samdom,DC=demo,DC=com)
INFO 2023-05-11 12:57:25,503 pid:46406
/usr/lib/python3/dist-packages/samba/provision/__init__.py #2029: Setting up
sam.ldb rootDSE marking as synchronized
INFO 2023-05-11 12:57:25,511 pid:46406
/usr/lib/python3/dist-packages/samba/provision/__init__.py #2034: Fixing
provision GUIDs
INFO 2023-05-11 12:57:26,454 pid:46406
/usr/lib/python3/dist-packages/samba/provision/__init__.py #2367: A Kerberos
configuration suitable for Samba AD has been generated at
/var/lib/samba/private/krb5.conf
INFO 2023-05-11 12:57:26,455 pid:46406
/usr/lib/python3/dist-packages/samba/provision/__init__.py #2369: Merge the
contents of this file with your system krb5.conf or replace it with this one. Do
not create a symlink!
INFO 2023-05-11 12:57:26,529 pid:46406
/usr/lib/python3/dist-packages/samba/provision/__init__.py #2099: Setting up
fake yp server settings
INFO 2023-05-11 12:57:26,633 pid:46406
/usr/lib/python3/dist-packages/samba/provision/__init__.py #490: Once the above
files are installed, your Samba AD server will be ready to use
INFO 2023-05-11 12:57:26,634 pid:46406
/usr/lib/python3/dist-packages/samba/provision/__init__.py #495: Server
Role:?????????? active directory domain controller
INFO 2023-05-11 12:57:26,635 pid:46406
/usr/lib/python3/dist-packages/samba/provision/__init__.py #496:
Hostname:????????????? dc1
INFO 2023-05-11 12:57:26,635 pid:46406
/usr/lib/python3/dist-packages/samba/provision/__init__.py #497: NetBIOS
Domain:??????? SAMDOM
INFO 2023-05-11 12:57:26,635 pid:46406
/usr/lib/python3/dist-packages/samba/provision/__init__.py #498: DNS
Domain:??????????? samdom.demo.com
INFO 2023-05-11 12:57:26,635 pid:46406
/usr/lib/python3/dist-packages/samba/provision/__init__.py #499: DOMAIN
SID:??????????? S-1-5-21-1683713074-1702463723-3046006099
2. But when I retrieved the GUID of my domain, I can see it is not the
one I specified:
$ sudo ldbsearch? -H /var/lib/samba/private/sam.ldb
--basedn="DC=samdom,DC=demo,DC=com" "CN=dc1" objectGUID
# record 1
dn: CN=DC1,OU=Domain Controllers,DC=samdom,DC=demo,DC=com
objectGUID: 81fad588-4b7a-4269-97ab-efea16d414d3
# Referral
ref:ldap://samdom.vm-authapart-server/CN=Configuration,DC=samdom,DC=demo,DC=com
# Referral
ref:ldap://samdom.vm-authapart-server/DC=DomainDnsZones,DC=samdom,DC=demo,DC=com
# Referral
ref:ldap://samdom.vm-authapart-server/DC=ForestDnsZones,DC=samdom,DC=demo,DC=com
# returned 4 records
# 1 entries
# 3 referrals
*With Samba 4.18.2:*
1. Same command line, I provision my domain specifying the domain name,
its GUID and SID:
sudo samba-tool domain provision --use-rfc2307
--realm=SAMDOM.DEMO.COM --domain=samdom --server-role=dc
--dns-backend=SAMBA_INTERNAL --adminpass=D3m0H3l10
--domain-guid=a5291573-906f-467d-9d63-451204bb9abb
--domain-sid=S-1-5-21-1683713074-1702463723-3046006099
INFO 2023-05-11 21:18:37,018 pid:69715
/usr/local/samba/lib/python3.9/site-packages/samba/provision/__init__.py #2108:
Looking up IPv4 addresses
WARNING 2023-05-11 21:18:37,019 pid:69715
/usr/local/samba/lib/python3.9/site-packages/samba/provision/__init__.py #2113:
More than one IPv4 address found. Using 192.168.56.10
INFO 2023-05-11 21:18:37,019 pid:69715
/usr/local/samba/lib/python3.9/site-packages/samba/provision/__init__.py #2125:
Looking up IPv6 addresses
WARNING 2023-05-11 21:18:37,019 pid:69715
/usr/local/samba/lib/python3.9/site-packages/samba/provision/__init__.py #2132:
No IPv6 address will be assigned
INFO 2023-05-11 21:18:37,448 pid:69715
/usr/local/samba/lib/python3.9/site-packages/samba/provision/__init__.py #2274:
Setting up share.ldb
INFO 2023-05-11 21:18:37,470 pid:69715
/usr/local/samba/lib/python3.9/site-packages/samba/provision/__init__.py #2278:
Setting up secrets.ldb
INFO 2023-05-11 21:18:37,479 pid:69715
/usr/local/samba/lib/python3.9/site-packages/samba/provision/__init__.py #2283:
Setting up the registry
INFO 2023-05-11 21:18:37,519 pid:69715
/usr/local/samba/lib/python3.9/site-packages/samba/provision/__init__.py #2286:
Setting up the privileges database
INFO 2023-05-11 21:18:37,538 pid:69715
/usr/local/samba/lib/python3.9/site-packages/samba/provision/__init__.py #2289:
Setting up idmap db
INFO 2023-05-11 21:18:37,554 pid:69715
/usr/local/samba/lib/python3.9/site-packages/samba/provision/__init__.py #2296:
Setting up SAM db
INFO 2023-05-11 21:18:37,558 pid:69715
/usr/local/samba/lib/python3.9/site-packages/samba/provision/__init__.py #880:
Setting up sam.ldb partitions and settings
INFO 2023-05-11 21:18:37,559 pid:69715
/usr/local/samba/lib/python3.9/site-packages/samba/provision/__init__.py #892:
Setting up sam.ldb rootDSE
INFO 2023-05-11 21:18:37,562 pid:69715
/usr/local/samba/lib/python3.9/site-packages/samba/provision/__init__.py #1305:
Pre-loading the Samba 4 and AD schema
Unable to determine the DomainSID, can not enforce uniqueness constraint on
local domainSIDs
INFO 2023-05-11 21:18:37,589 pid:69715
/usr/local/samba/lib/python3.9/site-packages/samba/provision/__init__.py #1383:
Adding DomainDN: DC=samdom,DC=demo,DC=com
INFO 2023-05-11 21:18:37,600 pid:69715
/usr/local/samba/lib/python3.9/site-packages/samba/provision/__init__.py #1415:
Adding configuration container
INFO 2023-05-11 21:18:37,619 pid:69715
/usr/local/samba/lib/python3.9/site-packages/samba/provision/__init__.py #1430:
Setting up sam.ldb schema
INFO 2023-05-11 21:18:42,204 pid:69715
/usr/local/samba/lib/python3.9/site-packages/samba/provision/__init__.py #1448:
Setting up sam.ldb configuration data
INFO 2023-05-11 21:18:42,459 pid:69715
/usr/local/samba/lib/python3.9/site-packages/samba/provision/__init__.py #1489:
Setting up display specifiers
INFO 2023-05-11 21:18:45,501 pid:69715
/usr/local/samba/lib/python3.9/site-packages/samba/provision/__init__.py #1497:
Modifying display specifiers and extended rights
INFO 2023-05-11 21:18:45,568 pid:69715
/usr/local/samba/lib/python3.9/site-packages/samba/provision/__init__.py #1504:
Adding users container
INFO 2023-05-11 21:18:45,571 pid:69715
/usr/local/samba/lib/python3.9/site-packages/samba/provision/__init__.py #1510:
Modifying users container
INFO 2023-05-11 21:18:45,572 pid:69715
/usr/local/samba/lib/python3.9/site-packages/samba/provision/__init__.py #1513:
Adding computers container
INFO 2023-05-11 21:18:45,574 pid:69715
/usr/local/samba/lib/python3.9/site-packages/samba/provision/__init__.py #1519:
Modifying computers container
INFO 2023-05-11 21:18:45,576 pid:69715
/usr/local/samba/lib/python3.9/site-packages/samba/provision/__init__.py #1523:
Setting up sam.ldb data
INFO 2023-05-11 21:18:45,795 pid:69715
/usr/local/samba/lib/python3.9/site-packages/samba/provision/__init__.py #1553:
Setting up well known security principals
INFO 2023-05-11 21:18:45,878 pid:69715
/usr/local/samba/lib/python3.9/site-packages/samba/provision/__init__.py #1567:
Setting up sam.ldb users and groups
INFO 2023-05-11 21:18:46,282 pid:69715
/usr/local/samba/lib/python3.9/site-packages/samba/provision/__init__.py #1575:
Setting up self join
Repacking database from v1 to v2 format (first record
CN=ms-DS-Integer,CN=Schema,CN=Configuration,DC=samdom,DC=demo,DC=com)
Repack: re-packed 10000 records so far
Repacking database from v1 to v2 format (first record
CN=mSMQConfiguration-Display,CN=409,CN=DisplaySpecifiers,CN=Configuration,DC=samdom,DC=demo,DC=com)
Repacking database from v1 to v2 format (first record
CN=Windows2003Update,CN=DomainUpdates,CN=System,DC=samdom,DC=demo,DC=com)
INFO 2023-05-11 21:18:48,154 pid:69715
/usr/local/samba/lib/python3.9/site-packages/samba/provision/sambadns.py #1198:
Adding DNS accounts
INFO 2023-05-11 21:18:48,171 pid:69715
/usr/local/samba/lib/python3.9/site-packages/samba/provision/sambadns.py #1232:
Creating CN=MicrosoftDNS,CN=System,DC=samdom,DC=demo,DC=com
INFO 2023-05-11 21:18:48,200 pid:69715
/usr/local/samba/lib/python3.9/site-packages/samba/provision/sambadns.py #1245:
Creating DomainDnsZones and ForestDnsZones partitions
INFO 2023-05-11 21:18:48,256 pid:69715
/usr/local/samba/lib/python3.9/site-packages/samba/provision/sambadns.py #1250:
Populating DomainDnsZones and ForestDnsZones partitions
Repacking database from v1 to v2 format (first record
DC=l.root-servers.net,DC=RootDNSServers,CN=MicrosoftDNS,DC=DomainDnsZones,DC=samdom,DC=demo,DC=com)
Repacking database from v1 to v2 format (first record
CN=LostAndFound,DC=ForestDnsZones,DC=samdom,DC=demo,DC=com)
INFO 2023-05-11 21:18:48,500 pid:69715
/usr/local/samba/lib/python3.9/site-packages/samba/provision/__init__.py #2012:
Setting up sam.ldb rootDSE marking as synchronized
INFO 2023-05-11 21:18:48,504 pid:69715
/usr/local/samba/lib/python3.9/site-packages/samba/provision/__init__.py #2017:
Fixing provision GUIDs
INFO 2023-05-11 21:18:49,835 pid:69715
/usr/local/samba/lib/python3.9/site-packages/samba/provision/__init__.py #2348:
A Kerberos configuration suitable for Samba AD has been generated at
/usr/local/samba/private/krb5.conf
INFO 2023-05-11 21:18:49,835 pid:69715
/usr/local/samba/lib/python3.9/site-packages/samba/provision/__init__.py #2350:
Merge the contents of this file with your system krb5.conf or replace it with
this one. Do not create a symlink!
INFO 2023-05-11 21:18:50,025 pid:69715
/usr/local/samba/lib/python3.9/site-packages/samba/provision/__init__.py #2082:
Setting up fake yp server settings
INFO 2023-05-11 21:18:50,130 pid:69715
/usr/local/samba/lib/python3.9/site-packages/samba/provision/__init__.py #487:
Once the above files are installed, your Samba AD server will be ready to use
INFO 2023-05-11 21:18:50,130 pid:69715
/usr/local/samba/lib/python3.9/site-packages/samba/provision/__init__.py #492:
Server Role:?????????? active directory domain controller
INFO 2023-05-11 21:18:50,130 pid:69715
/usr/local/samba/lib/python3.9/site-packages/samba/provision/__init__.py #493:
Hostname:????????????? dc1
INFO 2023-05-11 21:18:50,130 pid:69715
/usr/local/samba/lib/python3.9/site-packages/samba/provision/__init__.py #494:
NetBIOS Domain:??????? SAMDOM
INFO 2023-05-11 21:18:50,130 pid:69715
/usr/local/samba/lib/python3.9/site-packages/samba/provision/__init__.py #495:
DNS Domain:??????????? samdom.demo.com
INFO 2023-05-11 21:18:50,130 pid:69715
/usr/local/samba/lib/python3.9/site-packages/samba/provision/__init__.py #496:
DOMAIN SID:??????????? S-1-5-21-1683713074-1702463723-3046006099
2. But when I retrieved the GUID of my domain, I can see it is not the
one I specified:
$ sudo /usr/local/samba/bin/ldbsearch? -H /var/lib/samba/private/sam.ldb
--basedn="DC=samdom,DC=demo,DC=com" "CN=dc1" objectGUID
# record 1
dn: CN=DC1,OU=Domain Controllers,DC=samdom,DC=demo,DC=com
objectGUID: 4135c7cd-ddc5-4c2c-b1f9-48ee176451d2
# Referral
ref:ldap://samdom.demo.com/CN=Configuration,DC=samdom,DC=demo,DC=com
# Referral
ref:ldap://samdom.demo.com/DC=DomainDnsZones,DC=samdom,DC=demo,DC=com
# Referral
ref:ldap://samdom.demo.com/DC=ForestDnsZones,DC=samdom,DC=demo,DC=com
# returned 4 records
# 1 entries
# 3 referrals
Is it a bug or have I misunderstood the purpose of '--domain-guid'?
Thanks in advance,
Olivier
Andrew Bartlett
2023-May-16 05:29 UTC
[Samba] Usage of '--domain-guid' parameter of 'samba-tool domain provision'
On Thu, 2023-05-11 at 23:50 +0200, Olivier MARTIN via samba wrote:> Hello, > > I was hoping to reprovision the same domain by specifying the domain > GUID in the command line tool 'samba-tool domain provision' but I am > not > sure if I missed something or if there is a bug but the specified > domain > GUID is not the one which is created for my domain. > Specifying the domain SID seems to work as I would expect. > > I tested it with Samba shipped by Debian 11 (samba2 > 4.13.13+dfsg-1~deb11u5) and the latest release 'samba-4.18.2'. > > > *For Samba **4.13.13 packaged by Debian 11:* > > 1. I provision my domain specifying the domain name, its GUID and > SID: > > sudo samba-tool domain provision --use-rfc2307 -- > realm=SAMDOM.DEMO.COM --domain=samdom --server-role=dc --dns- > backend=SAMBA_INTERNAL --adminpass=D3m0H3l10 --domain-guid=a5291573- > 906f-467d-9d63-451204bb9abb --domain-sid=S-1-5-21-1683713074- > 1702463723-3046006099> Is it a bug or have I misunderstood the purpose of '--domain-guid'?The code is similar for --domain-sid and --domain-guid and the intention is as you expect, to set the domain guid, being the objectGUID of the domain DN, but I note that the only test we have is to show that we don't abort or fault with --domain-guid specified, we don't check if it worked. More tests are welcome if you would like to contribute them. Finally, if you let me know why you want to rebuild your domain, I might be able to help you with that. Sorry, Andrew Bartlett -- Andrew Bartlett (he/him) https://samba.org/~abartlet/ Samba Team Member (since 2001) https://samba.org Samba Team Lead, Catalyst IT https://catalyst.net.nz/services/samba Samba Development and Support, Catalyst.Net Limited Catalyst.Net Ltd - a Catalyst IT group company - Expert Open Source Solutions
Reasonably Related Threads
- Usage of '--domain-guid' parameter of 'samba-tool domain provision'
- Usage of '--domain-guid' parameter of 'samba-tool domain provision'
- Usage of '--domain-guid' parameter of 'samba-tool domain provision'
- Usage of '--domain-guid' parameter of 'samba-tool domain provision'
- Missing features in RSAT Group Policy Manager (Debian as Samba PDC)