Hi, Andrew vampiring samba4 and samba4 starts well but it fails with NT code 0xc0002101. Can u guys plz help me failed to get principal from default ccache: No such file or directory: open(/tmp/krb5cc_0): ��, GENSEC backend 'sasl-DIGEST-MD5' registered GENSEC backend 'krb5' registered GENSEC backend 'fake_gssapi_krb5' registered GENSEC backend 'schannel' registered GENSEC backend 'spnego' registered GENSEC backend 'gssapi_spnego' registered GENSEC backend 'gssapi_krb5' registered GENSEC backend 'gssapi_krb5_sasl' registered GENSEC backend 'ntlmssp' registered added interface ip=192.168.1.4 nmask=255.255.255.0 added interface ip=192.168.1.4 nmask=255.255.255.0 Mapped to DCERPC endpoint \pipe\lsarpc added interface ip=192.168.1.4 nmask=255.255.255.0 added interface ip=192.168.1.4 nmask=255.255.255.0 Received smb_krb5 packet of length 298 Received smb_krb5 packet of length 198 Mapped to DCERPC endpoint 135 added interface ip=192.168.1.4 nmask=255.255.255.0 added interface ip=192.168.1.4 nmask=255.255.255.0 Mapped to DCERPC endpoint 1024 added interface ip=192.168.1.4 nmask=255.255.255.0 added interface ip=192.168.1.4 nmask=255.255.255.0 added interface ip=192.168.1.4 nmask=255.255.255.0 added interface ip=192.168.1.4 nmask=255.255.255.0 ldb_wrap open of ldap://DC1 added interface ip=192.168.1.4 nmask=255.255.255.0 added interface ip=192.168.1.4 nmask=255.255.255.0 ldb_wrap open of ldap://dc1.administrator.test.net/ Become DC [(null)] of Domain[ADMINISTRATOR]/[administrator.test.net] Promotion Partner is Server[dc1.administrator.test.net] from Site[Servers] Options:crossRef behavior_version[2] schema object_version[47] domain behavior_version[2] domain w2k3_update_revision[8] Mapped to DCERPC endpoint 135 added interface ip=192.168.1.4 nmask=255.255.255.0 added interface ip=192.168.1.4 nmask=255.255.255.0 Mapped to DCERPC endpoint 1024 added interface ip=192.168.1.4 nmask=255.255.255.0 added interface ip=192.168.1.4 nmask=255.255.255.0 Provision for Become-DC test using python New Server in Site[Default-First-Site-Name] DSA Instance [(null)] invocationId[None] Pathes under targetdir[(null)] Setting up secrets.ldb Setting up the registry Setting up the privileges database Setting up idmap db Setting up SAM db Setting up sam.ldb partitions and settings Setting up sam.ldb rootDSE Pre-loading the Samba 4 and AD schema Please install the phpLDAPadmin configuration located at /root/prefix.s4.2/private/phpldapadmin-config.php into /etc/phpldapadmin/config.php Once the above files are installed, your Samba4 server will be ready to use Server Role: domain controller Hostname: DC6 NetBIOS Domain: ADMINISTRATOR DNS Domain: administrator.test.net DOMAIN SID: S-1-5-21-605618478-2351252404-55714290 added interface ip=192.168.1.4 nmask=255.255.255.0 added interface ip=192.168.1.4 nmask=255.255.255.0 added interface ip=192.168.1.4 nmask=255.255.255.0 added interface ip=192.168.1.4 nmask=255.255.255.0 Schema-DN[CN=Schema,CN=Configuration,DC=administrator,DC=test,DC=net] objects[133/1518] linked_values[0/0] Schema-DN[CN=Schema,CN=Configuration,DC=administrator,DC=test,DC=net] objects[133/1518] linked_values[0/0] Schema-DN[CN=Schema,CN=Configuration,DC=administrator,DC=test,DC=net] objects[133/1518] linked_values[0/0] Schema-DN[CN=Schema,CN=Configuration,DC=administrator,DC=test,DC=net] objects[133/1518] linked_values[0/0] Schema-DN[CN=Schema,CN=Configuration,DC=administrator,DC=test,DC=net] objects[133/1518] linked_values[0/0] Schema-DN[CN=Schema,CN=Configuration,DC=administrator,DC=test,DC=net] objects[133/1518] linked_values[0/0] Schema-DN[CN=Schema,CN=Configuration,DC=administrator,DC=test,DC=net] objects[133/1518] linked_values[0/0] Schema-DN[CN=Schema,CN=Configuration,DC=administrator,DC=test,DC=net] objects[133/1518] linked_values[0/0] Schema-DN[CN=Schema,CN=Configuration,DC=administrator,DC=test,DC=net] objects[133/1518] linked_values[0/0] Schema-DN[CN=Schema,CN=Configuration,DC=administrator,DC=test,DC=net] objects[133/1518] linked_values[0/0] Schema-DN[CN=Schema,CN=Configuration,DC=administrator,DC=test,DC=net] objects[133/1518] linked_values[0/0] Schema-DN[CN=Schema,CN=Configuration,DC=administrator,DC=test,DC=net] objects[55/1518] linked_values[0/0] Analyze and apply schema objects Replicated 1518 objects (0 linked attributes) for CN=Schema,CN=Configuration,DC=administrator,DC=test,DC=net Partition[CN=Configuration,DC=administrator,DC=test,DC=net] objects[133/1578] linked_values[0/0] naming_fsmo_init: no partitions dn present: (skip loading of naming contexts details) Replicated 133 objects (0 linked attributes) for CN=Configuration,DC=administrator,DC=test,DC=net Partition[CN=Configuration,DC=administrator,DC=test,DC=net] objects[266/1578] linked_values[0/0] Replicated 133 objects (0 linked attributes) for CN=Configuration,DC=administrator,DC=test,DC=net Partition[CN=Configuration,DC=administrator,DC=test,DC=net] objects[399/1578] linked_values[0/0] Replicated 133 objects (0 linked attributes) for CN=Configuration,DC=administrator,DC=test,DC=net Partition[CN=Configuration,DC=administrator,DC=test,DC=net] objects[532/1578] linked_values[0/0] Replicated 133 objects (0 linked attributes) for CN=Configuration,DC=administrator,DC=test,DC=net Partition[CN=Configuration,DC=administrator,DC=test,DC=net] objects[665/1578] linked_values[0/0] Replicated 133 objects (0 linked attributes) for CN=Configuration,DC=administrator,DC=test,DC=net Partition[CN=Configuration,DC=administrator,DC=test,DC=net] objects[798/1578] linked_values[0/0] Replicated 133 objects (0 linked attributes) for CN=Configuration,DC=administrator,DC=test,DC=net Partition[CN=Configuration,DC=administrator,DC=test,DC=net] objects[931/1578] linked_values[0/0] Replicated 133 objects (0 linked attributes) for CN=Configuration,DC=administrator,DC=test,DC=net Partition[CN=Configuration,DC=administrator,DC=test,DC=net] objects[1064/1578] linked_values[0/0] Replicated 133 objects (0 linked attributes) for CN=Configuration,DC=administrator,DC=test,DC=net Partition[CN=Configuration,DC=administrator,DC=test,DC=net] objects[1197/1578] linked_values[0/0] Replicated 133 objects (0 linked attributes) for CN=Configuration,DC=administrator,DC=test,DC=net Partition[CN=Configuration,DC=administrator,DC=test,DC=net] objects[1330/1578] linked_values[0/0] Replicated 133 objects (0 linked attributes) for CN=Configuration,DC=administrator,DC=test,DC=net Partition[CN=Configuration,DC=administrator,DC=test,DC=net] objects[1463/1578] linked_values[0/0] Replicated 133 objects (0 linked attributes) for CN=Configuration,DC=administrator,DC=test,DC=net Partition[CN=Configuration,DC=administrator,DC=test,DC=net] objects[1578/1578] linked_values[0/0] Replicated 115 objects (0 linked attributes) for CN=Configuration,DC=administrator,DC=test,DC=net Partition[DC=administrator,DC=test,DC=net] objects[133/148] linked_values[0/0] pdc_fsmo_init: no domain object present: (skip loading of domain details) Replicated 133 objects (0 linked attributes) for DC=administrator,DC=test,DC=net Partition[DC=administrator,DC=test,DC=net] objects[148/148] linked_values[0/0] Replicated 15 objects (0 linked attributes) for DC=administrator,DC=test,DC=net libnet_BecomeDC() failed - NT code 0xc0002101 Vampire of domain failed: NT code 0xc0002101 return code = -1
Sorry, we are a bit behind with bug resolving. Well, okay, according to the table located in http://msdn.microsoft.com/en-us/library/cc231199(PROT.10).aspx this error code (2021) means DS_PROTOCOL_ERROR. So alone with this information very hard to say what the cause is about. First, I hope you are aware that the vampire isn't very stable yet. So if you really rely on it for a production system we don't suggest it yet - for testing it's fine (without we cannot improve it :). Second, to help us fixing this issue provide: - which s4 release (alpha number) or the date when you last checked it out from the GIT tree (also the GIT revision number is acceptable for us). - much more important: which Windows Server release, service pack level, domain & forest function level. - your AD content: do you keep special objects (I mean those different from standard users, groups, computers, ... which you find everywhere) in the directory? Did you add schema before the vampire?
Please give additional informations as otherwise we are constrained to close this bug with "INVALID" soon.
This is s4 and S4 replication and it s4 alpha9 and unfortunately it is giving me error and I even try to vampire to a windows 2003 domain with sp2 and the same problem arise it is giving me acl error (50). Although it adds the dc into the active directory domain and sites but it cannot modify the schema. The same issue happens when using dcpromo to add a windows 2003 standard server edition and windows 2000 enterprise edition it gives me internal database error and finally check if your network password have sufficient credential.
Samba4 to Samba4 replication is not expected to work at this time. We are much closer, but are still resolving the remaining issues.
Ok Thanks. Here are errors I encountered when trying to add windows 2003 using dcpromo, Failed to modify SPNs on cn=blu2,cn=computers,dc=replication,dc=net: error in module acl: insufficient access rights (50),dn: <GUID=607f0d80-6efd-4782-ada7-ee1187a2a7c1>;CN=Schema,CN=Configuration,DC=replication,DC=net changetype: modify delete: msDs-masteredBy msDs-masteredBy: CN=NTDS Settings,CN=BLU2,CN=Servers,CN=Default-First-Site-Nam e,CN=Sites,CN=Configuration,DC=replication,DC=net - ldb: Failed to apply linked attribute change 'No matching attribute value when deleting attribute: msDs-masteredBy on CN=Schema,CN=Configuration,DC=replication,DC=net' dn: <GUID=607f0d80-6efd-4782-ada7-ee1187a2a7c1>;CN=Schema,CN=Configuration,DC=replication,DC=net changetype: modify delete: msDs-masteredBy msDs-masteredBy: CN=NTDS Settings,CN=BLU2,CN=Servers,CN=Default-First-Site-Nam e,CN=Sites,CN=Configuration,DC=replication,DC=net - dsdb/samdb/ldb_modules/linked_attributes.c:1229: Failed mod request ret=16 ndr_push_error(16): NULL [ref] pointer Impossible to update samdb: ltdb modify without transaction Impossible to update samdb: ltdb modify without transaction Failed to modify SPNs on cn=blu2,cn=computers,dc=replication,dc=net: error in module acl: insufficient access rights (50) Active directory could not replicate the directory partition CN=Schema,CN=Configuration,Dc=replication,DC=net from remote domain controller blu.replication.net. The replication operation encountered a database inconsistency
Please retest all replication bugs against the current tree. There is a *lot* of work going on on at the moment, and even a day old tree may be showing bugs that have already been fixed.
Thanks Andrew it work using samba4 pre-alpha 11 tree and I got s4 and s4 replication working and has also been able to join windows 2003 server to my samba4 domain and replication is working tahnks. The only issue that I had was the second S4 domain controller crash when adding a windows DC through DCpromo which I am sure you guys will resolve and keep on the great work at last we are on our way for production deployment this is the first steps. Congratulation to the samba team.
Are you satisfied with the resolution? So I or you can close this bug with "FIXED".
I am satisfied with the resolution. Bug resolved