On Mon, 2013-02-11 at 09:54 +0100, Hervé Hénoch wrote:
Hello,
I would try to migrate S3 to S4 in production but these messages (in
bold) blocks me to do this. I can authenticate users et computers yet !,
So what does they mean ?
Regards
root@vspdc:~# /usr/local/samba/bin/samba-tool domain classicupgrade
--dbdir=/root/smb3/varlib --dns-backend=BIND9_DLZ --use-xattrs=yes
--realm=sc.isc84.org /root/smb3/etc/smb.conf
Reading smb.conf
Provisioning
Exporting account policy
Exporting groups
*Severe DB error, sambaSamAccount can't miss the samba SIDattribute*
Ignoring group 'Domain Users'
S-1-5-21-1031258178-388409940-3248586695-513 listed but then not found:
Unable to enumerate group members,
(-1073741596,NT_STATUS_INTERNAL_DB_CORRUPTION)
*Ignoring group 'Administrators' S-1-5-32-544 listed but then not found:
Unable to enumerate members for alias, (-1073741487,NT_STATUS_NO_SUCH_ALIAS)
Ignoring group 'Account Operators' S-1-5-32-548 listed but then not
found: Unable to enumerate members for alias,
(-1073741487,NT_STATUS_NO_SUCH_ALIAS)
Ignoring group 'Print Operators' S-1-5-32-550 listed but then not found:
Unable to enumerate members for alias, (-1073741487,NT_STATUS_NO_SUCH_ALIAS)
Ignoring group 'Backup Operators' S-1-5-32-551 listed but then not
found: Unable to enumerate members for alias,
(-1073741487,NT_STATUS_NO_SUCH_ALIAS)
Ignoring group 'Replicators' S-1-5-32-552 listed but then not found:
Unable to enumerate members for alias,
(-1073741487,NT_STATUS_NO_SUCH_ALIAS)*
Exporting users
Could not convert S-1-5-21-1031258178-388409940-3248586695-5444 to SID
Skipping wellknown rid=500 (for username=root)
Ignoring group memberships of 'nobody'
S-1-5-21-1031258178-388409940-3248586695-2998: Unable to enumerate group
memberships, *(-1073741596,NT_STATUS_INTERNAL_DB_CORRUPTION)*
None of these errors are fatal - they are just invalid aspects of your
passdb database that we were able to skip over harmlessly. For example,
it does not matter that we could not list members of domain users as
users a members of that group via their primary group ID. Similarly,
as we already recreate the administrator account, the domain
administrators group and the administrators alias, these being incorrect
in your passdb is harmless.
We skipped importing 'root' as we created a new 'administrator' account
instead, and used the 'root' password.
Even the 'missing sambaSID attribute' error can't be too much of a
problem, as this cannot have been a working part of your existing domain
anyway.
If you have problems with your upgraded DC, diagnose them from what
errors are directly produced - as the upgrade appears to have progressed
fine!
Andrew Bartlett
--
Andrew Bartletthttp://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
