Re: [SOGo] Samba4 fails to join domain

Thu, 14 Nov 2013 08:36:47 -0800

Unfortunately I have been unable to find a combination of SOGo/Samba4/OpenChange that works. 

I have tried:
 - The 2.07 release packages
 - Building my own Samba 4.1(from tarball) and OpenChange(from GIT) packages
 - The nightly packages(from about 2 weeks before the 2.1 release)
 - and the 2.0 ZEG
I was able to crash Samba4 frequently on all my setups by doing "normal" user operations in Outlook. A couple of the problems that I observed are listed as being fixed in 2.1, but I really can't put a server into production that can be easily crashed by user actions.
Additionally based on my testing Samba4 4.0.1 is unusable (can't join the domain) in a multiple DC environment, so I would have to build my own OpenChange and possibly Samba4 packages anyway.
I will setup a clean 2.1 system at some point and will get tracebacks of any crashes I experience, but am not sure when I will be able to do this as I now have to move onto other things. 

Thanks

Mike

Quoting Mike Brady <mike.br...@devnull.net.nz>:
Yes I was aware of the member server issues, which is why I was attempting to join as a DC.
I have one correction to make. My original servers were 4.0.9,but I had upgraded them to 4.0.10. To make sure that the domain didn't have some other issue I have added a 3rd 4.0.10 DC with no issues.
I guess that this means that the Samba4/OpenChange packages in the yum repo are a non working solution. At least for integrating with an existing domain. They may well work as a single standalone server. I was hoping not to have to start building my own packages, but I guess that I will have to start to look at that.
I have SOGo itself integrated with the domain and am happy with that side of things. Users login to the SOGo web interfcae with their domain credentials and Postfix/Dovecot use the domain for email addresses.
Unfortunately Outlook integration is essential for us if we are to use SOGo. I will report back if I find a working combination. 

Thanks

Mike

Quoting Wilken Haase <w.ha...@gambio.de>:


I got the same results when I tried to integrate samba into our AD.
Basically there is some stuff missing and other stuff not working in samba
4.0.x which is needed for samba beeing a member server. I found myself
affected by several bug reports in samba bugzilla and backporting all
needed stuff was rather non trivial and time consuming. Samba 4.1 fixes
nearly all of my problems (some small odds left with no sysvol
replication, seldom synchronisation problems concerning tombstones), so
I've got a working condition for sogo AD integration. I did not try to
compile openchange against samba 4.1 up to now since connecting outlook is
more a gimmick here. I think you should try out a newer samba version and
then try to compile openchange against that one, the success possibilies
are tremendous higher.

Regards
Wilken Haase

users@sogo.nu schreibt:

I am testing SOGo and Openchange and have run into a problem.

I have a working Samba4 domain with 2x DC and 1x member server.  This
has been built using the Sernet 4.0.9 packages.

On the SOGo server I have installed the Samba 4.0.1 package available
in the SOGo yum repository.

I then try to join the SOGo server to the domain as a third DC, but
the join fails.  In looks like the initial replication goes into a
loop and eventually consumes all system RAM and is killed.

[root@sogo02 samba4]# samba-tool domain join samba4.devnull.net.nz DC
-Uadministrator --realm=samba4.devnull.net.nz
Finding a writeable DC for domain 'samba4.devnull.net.nz'
Found DC dc00.samba4.devnull.net.nz
Password for [WORKGROUP\administrator]:
workgroup is SAMBA4
realm is samba4.devnull.net.nz
checking sAMAccountName
Deleted CN=SOGO02,OU=Domain Controllers,DC=samba4,DC=devnull,DC=net,DC=nz
Deleted CN=NTDS
Settings,CN=SOGO02,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=samba4,DC=devnull,DC=net,DC=nz
Deleted
CN=SOGO02,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=samba4,DC=devnull,DC=net,DC=nz
Adding CN=SOGO02,OU=Domain Controllers,DC=samba4,DC=devnull,DC=net,DC=nz
Adding
CN=SOGO02,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=samba4,DC=devnull,DC=net,DC=nz
Adding CN=NTDS
Settings,CN=SOGO02,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=samba4,DC=devnull,DC=net,DC=nz
Adding SPNs to CN=SOGO02,OU=Domain
Controllers,DC=samba4,DC=devnull,DC=net,DC=nz
Setting account password for SOGO02$
Enabling account
Calling bare provision
No IPv6 address will be assigned
Provision OK for domain DN DC=samba4,DC=devnull,DC=net,DC=nz
Starting replication
Schema-DN[CN=Schema,CN=Configuration,DC=samba4,DC=devnull,DC=net,DC=nz]
objects[402/1550] linked_values[0/0]
Schema-DN[CN=Schema,CN=Configuration,DC=samba4,DC=devnull,DC=net,DC=nz]
objects[804/1550] linked_values[0/0]
Schema-DN[CN=Schema,CN=Configuration,DC=samba4,DC=devnull,DC=net,DC=nz]
objects[1206/1550] linked_values[0/0]
Schema-DN[CN=Schema,CN=Configuration,DC=samba4,DC=devnull,DC=net,DC=nz]
objects[1608/1550] linked_values[0/0]
Schema-DN[CN=Schema,CN=Configuration,DC=samba4,DC=devnull,DC=net,DC=nz]
objects[2010/1550] linked_values[0/0]
Schema-DN[CN=Schema,CN=Configuration,DC=samba4,DC=devnull,DC=net,DC=nz]
objects[2412/1550] linked_values[0/0]
Schema-DN[CN=Schema,CN=Configuration,DC=samba4,DC=devnull,DC=net,DC=nz]
objects[2814/1550] linked_values[0/0]
Schema-DN[CN=Schema,CN=Configuration,DC=samba4,DC=devnull,DC=net,DC=nz]
objects[3216/1550] linked_values[0/0]
Schema-DN[CN=Schema,CN=Configuration,DC=samba4,DC=devnull,DC=net,DC=nz]
objects[3618/1550] linked_values[0/0]
Schema-DN[CN=Schema,CN=Configuration,DC=samba4,DC=devnull,DC=net,DC=nz]
objects[4020/1550] linked_values[0/0]
Schema-DN[CN=Schema,CN=Configuration,DC=samba4,DC=devnull,DC=net,DC=nz]
objects[4422/1550] linked_values[0/0]
Schema-DN[CN=Schema,CN=Configuration,DC=samba4,DC=devnull,DC=net,DC=nz]
objects[4824/1550] linked_values[0/0]
Schema-DN[CN=Schema,CN=Configuration,DC=samba4,DC=devnull,DC=net,DC=nz]
objects[5226/1550] linked_values[0/0]
..
..
..
..
Schema-DN[CN=Schema,CN=Configuration,DC=samba4,DC=devnull,DC=net,DC=nz]
objects[236376/1550] linked_values[0/0]
Schema-DN[CN=Schema,CN=Configuration,DC=samba4,DC=devnull,DC=net,DC=nz]
objects[236778/1550] linked_values[0/0]
Schema-DN[CN=Schema,CN=Configuration,DC=samba4,DC=devnull,DC=net,DC=nz]
objects[237180/1550] linked_values[0/0]
Schema-DN[CN=Schema,CN=Configuration,DC=samba4,DC=devnull,DC=net,DC=nz]
objects[237582/1550] linked_values[0/0]
Schema-DN[CN=Schema,CN=Configuration,DC=samba4,DC=devnull,DC=net,DC=nz]
objects[237984/1550] linked_values[0/0]
Schema-DN[CN=Schema,CN=Configuration,DC=samba4,DC=devnull,DC=net,DC=nz]
objects[238386/1550] linked_values[0/0]
Schema-DN[CN=Schema,CN=Configuration,DC=samba4,DC=devnull,DC=net,DC=nz]
objects[238788/1550] linked_values[0/0]
Schema-DN[CN=Schema,CN=Configuration,DC=samba4,DC=devnull,DC=net,DC=nz]
objects[239190/1550] linked_values[0/0]
Schema-DN[CN=Schema,CN=Configuration,DC=samba4,DC=devnull,DC=net,DC=nz]
objects[239592/1550] linked_values[0/0]
Schema-DN[CN=Schema,CN=Configuration,DC=samba4,DC=devnull,DC=net,DC=nz]
objects[239994/1550] linked_values[0/0]
Killed


Anyone got any ideas?

Thanks

Mike






--
users@sogo.nu
https://inverse.ca/sogo/lists




Mit freundlichen Grüßen

Wilken Haase
----------------------------------------------------------------
Gambio GmbH
Parallelweg 30, D-28219 Bremen
Geschäftsführer: Daniel Schnadt, Nonito Capuno
Handelsregister: HRB 26426 HB, Amtsgericht Bremen

Diese Nachricht ist vertraulich und nur für den angegebenen Empfänger
bestimmt. Jede Form der Kenntnisnahme oder Weitergabe durch Dritte ist
unzulässig. Sollte diese Nachricht nicht für Sie bestimmt sein, so
bitten wir Sie, sich mit uns per E-Mail oder telefonisch in Verbindung zu
setzen.
Vielen Dank.

The content of this message is confidential and only meant for the
adressee. Any kind of attention or transmission through a third party is
forbidden. If this message is not for your attention, we please you to
inform us by e-mail. Thank you.
----------------------------------------------------------------


--
users@sogo.nu
https://inverse.ca/sogo/lists




--
users@sogo.nu
https://inverse.ca/sogo/lists


--
users@sogo.nu
https://inverse.ca/sogo/lists

Reply via email to