ActiveDirectory/DC
Использование Samba 4 в роли контроллера домена Active Directory.
Миграция существующего сервера
На базе https://wiki.samba.org/index.php/Samba4/samba-tool/domain/classicupgrade/HOWTO
1. Остановить службу smb, оставить включенной службу slapd
server smb stop
2. Скопируем для миграции данные в один каталог:
mkdir /var/lib/samba/dbdir
cp -pv /var/lib/samba/private/* /var/lib/samba/dbdir
cp -pv /var/lib/samba/{account_policy,gencache_notrans,group_mapping}.tdb /var/lib/samba/dbdir
Должно скопироваться пять файлов .tdb
3. Под root запустим classicupgrade c BIND9 (вместо внутреннего DNS по умолчанию):
samba-tool domain classicupgrade --dbdir=/var/lib/samba/dbdir --use-xattrs=yes --realm=school.alt --dns-backend=BIND9_DLZ /etc/samba/smb.conf
TODO:
Внимание! samba-tool: команда не найдена
В ALT Linux пакет samba собран с %def_without dc
Reading smb.conf
Provisioning
No builtin nor plugin backend for samba_dsdb found
ERROR(<class 'passdb.error'>): uncaught exception - Cannot load backend methods for 'samba_dsdb' backend (-1073741811,Unexpected information received)
File "/usr/lib64/python2.7/site-packages/samba/netcmd/__init__.py", line 175, in _run
return self.run(*args, **kwargs)
File "/usr/lib64/python2.7/site-packages/samba/netcmd/domain.py", line 1318, in run
useeadb=eadb, dns_backend=dns_backend, use_ntvfs=use_ntvfs)
File "/usr/lib64/python2.7/site-packages/samba/upgrade.py", line 616, in upgrade_from_samba3
s3db = samba3.get_sam_db()
File "/usr/lib64/python2.7/site-packages/samba/samba3/__init__.py", line 390, in get_sam_db
return passdb.PDB(self.lp.get('passdb backend'))
Запуск нового сервера
# samba-tool domain provision
Realm [SCHOOL.ALT]:
Domain [SCHOOL]:
Server Role (dc, member, standalone) [dc]:
DNS backend (SAMBA_INTERNAL, BIND9_FLATFILE, BIND9_DLZ, NONE) [SAMBA_INTERNAL]:
DNS forwarder IP address (write 'none' to disable forwarding) [127.0.0.1]:
Administrator password:
Retype password:
Looking up IPv4 addresses
More than one IPv4 address found. Using 192.168.1.1
Looking up IPv6 addresses
No IPv6 address will be assigned
Error loading module '/usr/lib64/samba/vfs/dfs_samba4.so': /usr/lib64/samba/vfs/dfs_samba4.so: cannot open shared object file: No such file or directory
error probing vfs module 'dfs_samba4': NT_STATUS_UNSUCCESSFUL
smbd_vfs_init: vfs_init_custom failed for dfs_samba4
Error loading module '/usr/lib64/samba/vfs/dfs_samba4.so': /usr/lib64/samba/vfs/dfs_samba4.so: cannot open shared object file: No such file or directory
error probing vfs module 'dfs_samba4': NT_STATUS_UNSUCCESSFUL
smbd_vfs_init: vfs_init_custom failed for dfs_samba4
ldb: unable to dlopen /usr/lib64/samba/ldb/acl.so : libkrb5-samba4.so.26: cannot open shared object file: No such file or directory
ldb: unable to dlopen /usr/lib64/samba/ldb/password_hash.so : libkrb5-samba4.so.26: cannot open shared object file: No such file or directory
Setting up share.ldb
Setting up secrets.ldb
Setting up the registry
Setting up the privileges database
Setting up idmap db
Setting up SAM db
Setting up sam.ldb partitions and settings
Setting up sam.ldb rootDSE
Pre-loading the Samba 4 and AD schema
WARNING: Module [password_hash] not found - do you need to set LDB_MODULES_PATH?
module samba_dsdb initialization failed : Operations error
Unable to load modules for /var/lib/samba/private/sam.ldb: (null)
ERROR(ldb): uncaught exception - None
File "/usr/lib64/python2.7/site-packages/samba/netcmd/__init__.py", line 175, in _run
return self.run(*args, **kwargs)
File "/usr/lib64/python2.7/site-packages/samba/netcmd/domain.py", line 398, in run
use_rfc2307=use_rfc2307, skip_sysvolacl=False)
File "/usr/lib64/python2.7/site-packages/samba/provision/__init__.py", line 2114, in provision
schema=schema, fill=samdb_fill, am_rodc=am_rodc)
File "/usr/lib64/python2.7/site-packages/samba/provision/__init__.py", line 1201, in setup_samdb
samdb.connect(path)
File "/usr/lib64/python2.7/site-packages/samba/samdb.py", line 71, in connect
options=options)