problème installation dcsamba4 sur domain windowsAD existant

Venez ici partager vos astuces et aides autour de Samba4
eckeagle
Messages : 4
Inscription : 27 déc. 2017 - 17:39

27 déc. 2017 - 17:55

Bonjour

J'ai un domaine ad sous windows server 2012 r2 donc le niveau fonctionnel de la foret est sous windows server 2008 et le niveau fonctionnel du domaine est sous windows server 2008 r2

j'ai effectué votre tuto https://dev.tranquil.it/wiki/SAMBA_-_In ... secondaire pour ajouter un dc debian9 samba4 au moment de la jonction il me donne ceux-ci:

Code : Tout sélectionner

Adding 1 remote DNS records for ECKBADEB.kenneagle.lan
Adding DNS A record ECKBADEB.kenneagle.lan for IPv4 IP: 192.168.100.3
Join failed - cleaning up
Deleted CN=RID Set,CN=ECKBADEB,OU=Domain Controllers,DC=kenneagle,DC=lan
Deleted CN=ECKBADEB,OU=Domain Controllers,DC=kenneagle,DC=lan
Deleted CN=NTDS Settings,CN=ECKBADEB,CN=Servers,CN=Premier-Site-par-defaut,CN=Sites,CN=Configuration,DC=kenneagle,DC=lan
Deleted CN=ECKBADEB,CN=Servers,CN=Premier-Site-par-defaut,CN=Sites,CN=Configuration,DC=kenneagle,DC=lan
ERROR(runtime): uncaught exception - (9003, 'WERR_DNS_ERROR_RCODE_NAME_ERROR')
  File "/usr/lib/python2.7/dist-packages/samba/netcmd/__init__.py", line 176, in _run
    return self.run(*args, **kwargs)
  File "/usr/lib/python2.7/dist-packages/samba/netcmd/domain.py", line 661, in run
    machinepass=machinepass, use_ntvfs=use_ntvfs, dns_backend=dns_backend)
  File "/usr/lib/python2.7/dist-packages/samba/join.py", line 1474, in join_DC
    ctx.do_join()
  File "/usr/lib/python2.7/dist-packages/samba/join.py", line 1384, in do_join
    ctx.join_add_dns_records()
  File "/usr/lib/python2.7/dist-packages/samba/join.py", line 1116, in join_add_dns_records
    dns_partition=domaindns_zone_dn)
  File "/usr/lib/python2.7/dist-packages/samba/samdb.py", line 939, in dns_lookup
    dns_partition=dns_partition)
Pouvez-vous m'aider merci d'avance?
eckeagle
Messages : 4
Inscription : 27 déc. 2017 - 17:39

28 déc. 2017 - 12:12

Bonjour

Aprés retest, je suis arrivée à effectuer la jonction de mon dc samba4 sur mon domaine ad existant

l'annuaire est bien répliqué mais pas dns et sysvol:
pour dns

Code : Tout sélectionner

root@eckbadeb:/home/nicoket# samba_dnsupdate --use-samba-tool --rpc-server-ip=192.168.1.78
ERROR(runtime): uncaught exception - (-1073741790, '{Access Denied} A process has requested access to an object but has not been granted those access rights.')
  File "/usr/lib/python2.7/dist-packages/samba/netcmd/__init__.py", line 176, in _run
    return self.run(*args, **kwargs)
  File "/usr/lib/python2.7/dist-packages/samba/netcmd/dns.py", line 935, in run
    0, server, zone, name, add_rec_buf, None)
ERROR(runtime): uncaught exception - (-1073741790, '{Access Denied} A process has requested access to an object but has not been granted those access rights.')
  File "/usr/lib/python2.7/dist-packages/samba/netcmd/__init__.py", line 176, in _run
    return self.run(*args, **kwargs)
  File "/usr/lib/python2.7/dist-packages/samba/netcmd/dns.py", line 935, in run
    0, server, zone, name, add_rec_buf, None)
ERROR(runtime): uncaught exception - (-1073741790, '{Access Denied} A process has requested access to an object but has not been granted those access rights.')
  File "/usr/lib/python2.7/dist-packages/samba/netcmd/__init__.py", line 176, in _run
    return self.run(*args, **kwargs)
  File "/usr/lib/python2.7/dist-packages/samba/netcmd/dns.py", line 935, in run
    0, server, zone, name, add_rec_buf, None)
ERROR(runtime): uncaught exception - (-1073741790, '{Access Denied} A process has requested access to an object but has not been granted those access rights.')
  File "/usr/lib/python2.7/dist-packages/samba/netcmd/__init__.py", line 176, in _run
    return self.run(*args, **kwargs)
  File "/usr/lib/python2.7/dist-packages/samba/netcmd/dns.py", line 935, in run
    0, server, zone, name, add_rec_buf, None)
ERROR(runtime): uncaught exception - (-1073741790, '{Access Denied} A process has requested access to an object but has not been granted those access rights.')
  File "/usr/lib/python2.7/dist-packages/samba/netcmd/__init__.py", line 176, in _run
    return self.run(*args, **kwargs)
  File "/usr/lib/python2.7/dist-packages/samba/netcmd/dns.py", line 935, in run
    0, server, zone, name, add_rec_buf, None)
ERROR(runtime): uncaught exception - (-1073741790, '{Access Denied} A process has requested access to an object but has not been granted those access rights.')
  File "/usr/lib/python2.7/dist-packages/samba/netcmd/__init__.py", line 176, in _run
    return self.run(*args, **kwargs)
  File "/usr/lib/python2.7/dist-packages/samba/netcmd/dns.py", line 935, in run
    0, server, zone, name, add_rec_buf, None)
ERROR(runtime): uncaught exception - (-1073741790, '{Access Denied} A process has requested access to an object but has not been granted those access rights.')
  File "/usr/lib/python2.7/dist-packages/samba/netcmd/__init__.py", line 176, in _run
    return self.run(*args, **kwargs)
  File "/usr/lib/python2.7/dist-packages/samba/netcmd/dns.py", line 935, in run
    0, server, zone, name, add_rec_buf, None)
ERROR(runtime): uncaught exception - (-1073741790, '{Access Denied} A process has requested access to an object but has not been granted those access rights.')
  File "/usr/lib/python2.7/dist-packages/samba/netcmd/__init__.py", line 176, in _run
    return self.run(*args, **kwargs)
  File "/usr/lib/python2.7/dist-packages/samba/netcmd/dns.py", line 935, in run
    0, server, zone, name, add_rec_buf, None)
ERROR(runtime): uncaught exception - (-1073741790, '{Access Denied} A process has requested access to an object but has not been granted those access rights.')
  File "/usr/lib/python2.7/dist-packages/samba/netcmd/__init__.py", line 176, in _run
    return self.run(*args, **kwargs)
  File "/usr/lib/python2.7/dist-packages/samba/netcmd/dns.py", line 935, in run
    0, server, zone, name, add_rec_buf, None)
ERROR(runtime): uncaught exception - (-1073741790, '{Access Denied} A process has requested access to an object but has not been granted those access rights.')
  File "/usr/lib/python2.7/dist-packages/samba/netcmd/__init__.py", line 176, in _run
    return self.run(*args, **kwargs)
  File "/usr/lib/python2.7/dist-packages/samba/netcmd/dns.py", line 935, in run
    0, server, zone, name, add_rec_buf, None)
ERROR(runtime): uncaught exception - (-1073741790, '{Access Denied} A process has requested access to an object but has not been granted those access rights.')
  File "/usr/lib/python2.7/dist-packages/samba/netcmd/__init__.py", line 176, in _run
    return self.run(*args, **kwargs)
  File "/usr/lib/python2.7/dist-packages/samba/netcmd/dns.py", line 935, in run
    0, server, zone, name, add_rec_buf, None)
ERROR(runtime): uncaught exception - (-1073741790, '{Access Denied} A process has requested access to an object but has not been granted those access rights.')
  File "/usr/lib/python2.7/dist-packages/samba/netcmd/__init__.py", line 176, in _run
    return self.run(*args, **kwargs)
  File "/usr/lib/python2.7/dist-packages/samba/netcmd/dns.py", line 935, in run
    0, server, zone, name, add_rec_buf, None)
ERROR(runtime): uncaught exception - (-1073741790, '{Access Denied} A process has requested access to an object but has not been granted those access rights.')
  File "/usr/lib/python2.7/dist-packages/samba/netcmd/__init__.py", line 176, in _run
    return self.run(*args, **kwargs)
  File "/usr/lib/python2.7/dist-packages/samba/netcmd/dns.py", line 935, in run
    0, server, zone, name, add_rec_buf, None)
ERROR(runtime): uncaught exception - (-1073741790, '{Access Denied} A process has requested access to an object but has not been granted those access rights.')
  File "/usr/lib/python2.7/dist-packages/samba/netcmd/__init__.py", line 176, in _run
    return self.run(*args, **kwargs)
  File "/usr/lib/python2.7/dist-packages/samba/netcmd/dns.py", line 935, in run
    0, server, zone, name, add_rec_buf, None)
ERROR(runtime): uncaught exception - (-1073741790, '{Access Denied} A process has requested access to an object but has not been granted those access rights.')
  File "/usr/lib/python2.7/dist-packages/samba/netcmd/__init__.py", line 176, in _run
    return self.run(*args, **kwargs)
  File "/usr/lib/python2.7/dist-packages/samba/netcmd/dns.py", line 935, in run
    0, server, zone, name, add_rec_buf, None)
ERROR(runtime): uncaught exception - (-1073741790, '{Access Denied} A process has requested access to an object but has not been granted those access rights.')
  File "/usr/lib/python2.7/dist-packages/samba/netcmd/__init__.py", line 176, in _run
    return self.run(*args, **kwargs)
  File "/usr/lib/python2.7/dist-packages/samba/netcmd/dns.py", line 935, in run
    0, server, zone, name, add_rec_buf, None)
ERROR(runtime): uncaught exception - (-1073741790, '{Access Denied} A process has requested access to an object but has not been granted those access rights.')
  File "/usr/lib/python2.7/dist-packages/samba/netcmd/__init__.py", line 176, in _run
    return self.run(*args, **kwargs)
  File "/usr/lib/python2.7/dist-packages/samba/netcmd/dns.py", line 935, in run
    0, server, zone, name, add_rec_buf, None)
ERROR(runtime): uncaught exception - (-1073741790, '{Access Denied} A process has requested access to an object but has not been granted those access rights.')
  File "/usr/lib/python2.7/dist-packages/samba/netcmd/__init__.py", line 176, in _run
    return self.run(*args, **kwargs)
  File "/usr/lib/python2.7/dist-packages/samba/netcmd/dns.py", line 935, in run
    0, server, zone, name, add_rec_buf, None)
ERROR(runtime): uncaught exception - (-1073741790, '{Access Denied} A process has requested access to an object but has not been granted those access rights.')
  File "/usr/lib/python2.7/dist-packages/samba/netcmd/__init__.py", line 176, in _run
    return self.run(*args, **kwargs)
  File "/usr/lib/python2.7/dist-packages/samba/netcmd/dns.py", line 935, in run
    0, server, zone, name, add_rec_buf, None)
ERROR(runtime): uncaught exception - (-1073741790, '{Access Denied} A process has requested access to an object but has not been granted those access rights.')
  File "/usr/lib/python2.7/dist-packages/samba/netcmd/__init__.py", line 176, in _run
    return self.run(*args, **kwargs)
  File "/usr/lib/python2.7/dist-packages/samba/netcmd/dns.py", line 935, in run
    0, server, zone, name, add_rec_buf, None)
ERROR(runtime): uncaught exception - (-1073741790, '{Access Denied} A process has requested access to an object but has not been granted those access rights.')
  File "/usr/lib/python2.7/dist-packages/samba/netcmd/__init__.py", line 176, in _run
    return self.run(*args, **kwargs)
  File "/usr/lib/python2.7/dist-packages/samba/netcmd/dns.py", line 935, in run
    0, server, zone, name, add_rec_buf, None)
ERROR(runtime): uncaught exception - (-1073741790, '{Access Denied} A process has requested access to an object but has not been granted those access rights.')
  File "/usr/lib/python2.7/dist-packages/samba/netcmd/__init__.py", line 176, in _run
    return self.run(*args, **kwargs)
  File "/usr/lib/python2.7/dist-packages/samba/netcmd/dns.py", line 935, in run
    0, server, zone, name, add_rec_buf, None)
ERROR(runtime): uncaught exception - (-1073741790, '{Access Denied} A process has requested access to an object but has not been granted those access rights.')
  File "/usr/lib/python2.7/dist-packages/samba/netcmd/__init__.py", line 176, in _run
    return self.run(*args, **kwargs)
  File "/usr/lib/python2.7/dist-packages/samba/netcmd/dns.py", line 935, in run
    0, server, zone, name, add_rec_buf, None)
ERROR(runtime): uncaught exception - (-1073741790, '{Access Denied} A process has requested access to an object but has not been granted those access rights.')
  File "/usr/lib/python2.7/dist-packages/samba/netcmd/__init__.py", line 176, in _run
    return self.run(*args, **kwargs)
  File "/usr/lib/python2.7/dist-packages/samba/netcmd/dns.py", line 935, in run
    0, server, zone, name, add_rec_buf, None)
Failed update of 24 entries

Code : Tout sélectionner

samba-tool ntacl sysvolcheck ERROR(<type 'exceptions.TypeError'>): uncaught exception - (2, 'No such file or directory')
  File "/usr/lib/python2.7/dist-packages/samba/netcmd/__init__.py", line 176, in _run
    return self.run(*args, **kwargs)
  File "/usr/lib/python2.7/dist-packages/samba/netcmd/ntacl.py", line 270, in run
    lp)
  File "/usr/lib/python2.7/dist-packages/samba/provision/__init__.py", line 1723, in checksysvolacl
    direct_db_access)
  File "/usr/lib/python2.7/dist-packages/samba/provision/__init__.py", line 1659, in check_gpos_acl
    direct_db_access=direct_db_access, service=SYSVOL_SERVICE)
  File "/usr/lib/python2.7/dist-packages/samba/ntacls.py", line 81, in getntacl
    xattr.XATTR_NTACL_NAME)

Code : Tout sélectionner

root@eckbadeb:/home/nicoket# samba-tool ntacl sysvolresetopen: error=2 (No such file or directory)
ERROR(runtime): uncaught exception - (-1073741823, '{Operation Failed} The requested operation was unsuccessful.')
  File "/usr/lib/python2.7/dist-packages/samba/netcmd/__init__.py", line 176, in _run
    return self.run(*args, **kwargs)
  File "/usr/lib/python2.7/dist-packages/samba/netcmd/ntacl.py", line 239, in run
    lp, use_ntvfs=use_ntvfs)
  File "/usr/lib/python2.7/dist-packages/samba/provision/__init__.py", line 1609, in setsysvolacl
    set_gpos_acl(sysvol, dnsdomain, domainsid, domaindn, samdb, lp, use_ntvfs, passdb=s4_passdb)
  File "/usr/lib/python2.7/dist-packages/samba/provision/__init__.py", line 1502, in set_gpos_acl
    use_ntvfs=use_ntvfs, skip_invalid_chown=True, passdb=passdb, service=SYSVOL_SERVICE)
  File "/usr/lib/python2.7/dist-packages/samba/ntacls.py", line 162, in setntacl
    smbd.set_nt_acl(file, security.SECINFO_OWNER | security.SECINFO_GROUP | security.SECINFO_DACL | security.SECINFO_SACL, sd, service=service)
Si quelqu'un a une idée?
Avatar de l’utilisateur
sfonteneau
Expert WAPT
Messages : 1783
Inscription : 10 juil. 2014 - 23:52
Contact :

29 déc. 2017 - 11:45

Pour la partie sysvol c'est normal.

https://dev.tranquil.it/wiki/SAMBA_-_R% ... age_SYSVOL

Avec une solution syncthing du coter windows et du côté linux c'est surement jouable mais il faudra adapter!

Au niveau dns pouvez-vous préciser quelle est l'ip de l'ad windows et du samba 4 ?
eckeagle
Messages : 4
Inscription : 27 déc. 2017 - 17:39

02 janv. 2018 - 17:57

Bonjour

Merci de votre réponse

Pour le problème sysvol c'est compris et résolu

Pour le dns

mon server windows est sur l'ip 192.168.1.78
mon server linux est sur l'ip 192.168.100.3

Suite à de nouveau test ,j'ai refait complètement le serveur
la jonction ne passe que si l'option "vers tous les serveurs executés su des controleurs de domaine de ce domaine: mondomaine.lan est cochée problème srv???
et la synchro dns ne marche toujours pas
Avatar de l’utilisateur
dcardon
Expert WAPT
Messages : 1358
Inscription : 18 juin 2014 - 09:58
Localisation : Saint Sébastien sur Loire
Contact :

15 janv. 2018 - 13:21

eckeagle a écrit : 27 déc. 2017 - 17:55 Bonjour

J'ai un domaine ad sous windows server 2012 r2 donc le niveau fonctionnel de la foret est sous windows server 2008 et le niveau fonctionnel du domaine est sous windows server 2008 r2

j'ai effectué votre tuto https://dev.tranquil.it/wiki/SAMBA_-_In ... secondaire pour ajouter un dc debian9 samba4 au moment de la jonction il me donne ceux-ci:
Même si le niveau de forêt est 2k8r2, le serveur win2k12 ajoute des trucs spécifiques qui ne sont pas compatibles avec Samba-AD (du moins c'était encore vrai il y a 5-6 mois). Il y a eu des commits qui sont passé sur la mailing list pour résoudre ce problème et ajouter le support des schémas 2k12 (je parle ici des schémas, pas des fonctions silos, FAST, etc.).
Il faut mieux faire le test avec un win2k8r2, ou attendre Samba 4.8 qui devrait probablement inclure ces évolutions.

Denis
Denis Cardon - Tranquil IT
Communiquez autour de vous sur WAPT! Envoyez nous vos url de blog et d'articles dans la catégorie votre avis du forum, nous les mettrons en avant sur le site WAPT
Avatar de l’utilisateur
dcardon
Expert WAPT
Messages : 1358
Inscription : 18 juin 2014 - 09:58
Localisation : Saint Sébastien sur Loire
Contact :

15 janv. 2018 - 13:27

eckeagle a écrit : 02 janv. 2018 - 17:57 Pour le dns

mon server windows est sur l'ip 192.168.1.78
mon server linux est sur l'ip 192.168.100.3

Suite à de nouveau test ,j'ai refait complètement le serveur
la jonction ne passe que si l'option "vers tous les serveurs executés su des controleurs de domaine de ce domaine: mondomaine.lan est cochée problème srv???
et la synchro dns ne marche toujours pas
Je viens de joindre un AD 2k8r2 à mon domaine Samba-AD en 4.7.4. J'ai bien un soucis de réplication des zones DNS (en fait le KCC n'a même pas créé les repsfrom / repsto correspondant). Ca doit être une régression ou bien il y a un truc pourri dans mes partitions DC=DomainDNSZones et DC=ForestDNSZones. Pas de soucis pour les autres partitions... Ça a marché dans le passé, bien que l'on ne recommande pas d'avoir des domaines mixtes Samba/MS. Je jetterai un deuxième coup d'oeil dans l'après midi si j'ai le temps.

Denis
Denis Cardon - Tranquil IT
Communiquez autour de vous sur WAPT! Envoyez nous vos url de blog et d'articles dans la catégorie votre avis du forum, nous les mettrons en avant sur le site WAPT
eckeagle
Messages : 4
Inscription : 27 déc. 2017 - 17:39

15 janv. 2018 - 23:19

Je commençais à supposer que cela venait de network-manager. oui j'ai installé l'interface gnome ce ne sais pas recommender
Verrouillé