> Steve Boley <[email protected]> hat am 13. März 2014 um 17:33 geschrieben: > > Remember also that you do not have to do any seizing unless you have to use > outlook in your organization. This is only related to the openchange portion > which again is only for outlook interoperability and web and thunderbird > neither one require it. > Thats it ;-). We are using Outlook in my company! And this is not changeable.
> The schema in microsoft can keep a copy of the global catalog on each dc and > I'm not sure why samba hasn't mimiced that function instead of seizing. Which > would actually fulfill the requirement openchange is looking for and not muck > around with Microsoft's infrastructure like it presently does. > > It seems the primary focus has been replacement and mimicing the forest and > not integration. > > *sigh* > > My Idea now is: The sogo-box will get DC, I transfer all roles and GPOs (if > possible) to the samba-box and demote the sbs 2011 essential-box (if possible > ;-)). > > The sbs only hosts our Navision Dynamics, so the AD is not necessary on this > box. > > Thanks > > Paddie > > > Steve > On 3/12/2014 11:05 PM, Ron Scott-Adams wrote: > > > > Seizing any roles from an SBS server is not supported. Ever. Under no > > > circumstances should you ever transfer any domain services away from > > > an SBS box. Regardless of what samba documentation, et almay claim, > > > this is always an incorrect action to take. > > > > You cannot treat SBS as a typical domain controller, nor can you treat > > an SBS forest as a typical forest. There are elements within SBS that > > completely depend upon and expect all roles to be present at all times. And > > of all roles to transfer, the schema role invites possibly the most > > disaster, as SBS does not expect non-resident schema modifications. > > > > When you’re playing on Microsoft’s infrastructure, there are some MS > > rules you have to follow. Not everything they mandate is merely a “best > > practice” or without reason, and this is a prime example. > > > > Now that I’m done ranting/scolding, what is the detailed message you > > receive from ntdsutil? It may be helpful to up the logging level of LDAP > > Interface Events and DS Schema in > > HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NTDS\Diagnostics (start > > with a value of 2). > > > > Also, you may consider a system state restore (you do back up your > > system state frequently, I hope): > > <http://blogs.technet.com/b/sbs/archive/2011/03/31/how-to-perform-an-authoritative-system-state-restore-in-sbs-2008-2011-standard.aspx> > > . Note this will likely hose your samba instance and require some sort of > > cleaning to realign it to reality, but SOGo should remain unscathed. > > > > Good luck and such. > > > > On Mar 12, 2014, at 5:14 PM, Patric Becker < [email protected] > > <mailto:[email protected]> > wrote: > > > > > > > > > OK, monologue ;-), > > > > > > I give it up! How should I transfer the Schema role from the sogo > > > box to my sbs? > > > > > > I´ve tried it in Win with ntdsutil and on my linux with > > > > > > samba-tool fsmo seize --role=schema > > > > > > Where is my failure?? ;( > > > > > > Thanks > > > > > > Paddie > > > > > > > > > > > > > Patric Becker < [email protected] > > > > > > > <mailto:[email protected]> > hat am 12. März 2014 > > > > > > > um 20:43 geschrieben: > > > > > > > > OK, forget the last mail ;-). After I read a bit more I find > > > > out, that the command worked. BUT if I test with > > > > > > > > samba-tool fsmo show > > > > > > > > it tells me, that schemamasterrole still is on the sogo box > > > > ;-(. > > > > > > > > I will test a little more this evening. If i get it OK, if not > > > > i give up on it. > > > > > > > > Thanks > > > > > > > > Paddie > > > > > > > > > > > > > Patric Becker < [email protected] > > > > > > > > > <mailto:[email protected]> > hat am 12. März > > > > > > > > > 2014 um 19:51 geschrieben: > > > > > > > > > > Many Thanks for your extensive answer. I´ve tried it this > > > > > way a few minutes ago. but when I want to seize it back to the SBS i > > > > > get this error > > > > > > > > > > FSMO transfer of 'schema' role successful > > > > > ERROR: Failed to initiate role seize of 'schema' role: > > > > > objectclass: modify message must have elements/attributes! > > > > > I´ve googled a little and found this bugreport > > > > > <https://bugzilla.samba.org/show_bug.cgi?id=9461> > > > > > > > > > > As I understand it correctly. I have to rebuild samba with > > > > > this Patch applied to get this working. > > > > > > > > > > Thanks > > > > > > > > > > Paddie > > > > > > > > > > > > > > > > > > > > > Steve Boley < [email protected] > > > > > > > > > > > <mailto:[email protected]> > hat am 12. März 2014 > > > > > > > > > > > um 17:08 geschrieben: > > > > > > > > > > > > You only need to move the global catalog the schema over > > > > > > to setup openchange and then you can seize it back from the sbs > > > > > > system and all would be well in active directory land. To simply > > > > > > join as 2nd dc you do not have to seize any roles and the seizing is > > > > > > for extending the exchange schema onto the active directory which > > > > > > actually should be in place in sbs so you might have to just seize > > > > > > the role so the global catalog is copied over and take it right back > > > > > > and openchange might be happy just get ready for a lot of google and > > > > > > debugging probably as this is not a simple task to get it all > > > > > > working. I've put in a feature request for openchange to check for > > > > > > the schema on a remote dc not the local one but that might take a > > > > > > while to be added. > > > > > > Steve > > > > > > On 3/9/2014 8:37 AM, Patric Becker wrote: > > > > > > > > > > > > > > > > > > > Hi, > > > > > > > > > > > > > > I want to join a SOGo-Box to an existing Domain > > > > > > > with a Windows SBS 2011 Essentials(!!!) Box. > > > > > > > > > > > > > > I´ve asked this Question a few weeks before and > > > > > > > get the hint to copy/move the fsmo roles from the Windows to the > > > > > > > SOGo Box BUT after a few tries and a little more searching in the > > > > > > > Web I found out, that I CAN´T copy/move all fsmo Roles from an SBS > > > > > > > Essential Server to an other box. > > > > > > > > > > > > > > My next Idea was to Use the SOGo Box as FIRST DC > > > > > > > but the SBS Essential Box couldn´t join a Network as second DC ;(. > > > > > > > > > > > > > > Is there an other solution to use SOGo in this > > > > > > > network?? > > > > > > > > > > > > > > Thanks > > > > > > > > > > > > > > Paddie > > > > > > > > > > > > > > PS: Sorry for starting an new Thread but I´m at > > > > > > > home now and write this with our Provider-webfronend. ;-). > > > > > > > > > > > > > > PPS: The SBS Essential Box was there as I joined > > > > > > > the Company ;). I would never buy such crap... > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > -- [email protected] https://inverse.ca/sogo/lists
