Hallo Zusammen,
ich hab in Zukunft die Ehre einen NT 4.0 auf UCS zu migrieren.
Gibt es dafü eine Doku?
“NT 4.0 Migration leicht gemacht” oder so …
gefunden 
2.2: http://www.univention.de/fileadmin/download/dokumentation_2.2/ucs22_windows_migration.pdf
2.3: http://www.univention.de/fileadmin/download/dokumentation_2.3/ucs-windows-migration.pdf
LG
Franz
Hallo Zusammen ich bekommme folgende Fehlermeldung wenn ich NT 4.0 anzapfen will.
[code]root@horn4null:~# univention-pdc-takeover -w 192.168.0.116
univention-pdc-takeover: Import Accounts and Groups from Windows NT
copyright © 2001-2009 Univention GmbH, Germany
Domainname: martina.local
PDC Hostname: nt4null
Administrator Account: Administrator
Password:
stopping Samba PDC… OK.
deleting local cache… OK.
looking up previous Windows PDC for “martina.local”… OK.
restart nscd… OK.
Join into Domain…OK
Vampire NT Domain…
ERROR during takeover:
Failed to vampire NT domain[/code]
in der Logdatei steht folgendes:
[code]less +F /var/log/univention/pdc-takeover.log
stopping Samba PDC…
LG
Franz
Schönes Wochenende an alle
Hallo,
wie ist das Netzwerk der beiden Systeme konfiguriert? Die Ausgaben der folgenden Befehle wären hilfreich:
ucr search interface
ucr search sambaDie Ausgaben können am besten als Anhang bereitgestellt werden.
Mit freundlichen Grüssen
Tobias Scherer
[code]ucr search interface
interfaces/eth0/address: 192.168.0.117
IP address of the network interface
Categories: system-network
interfaces/eth0/broadcast: 192.168.0.255
Broadcase address of the network interface
Categories: system-network
interfaces/eth0/netmask: 255.255.255.0
Netmask of the network interface
Categories: system-network
interfaces/eth0/network: 192.168.0.0
Network of the network interface
Categories: system-network
interfaces/handler: ifplugd
samba/interfaces/bindonly:
Limits Samba to listen only on the interfaces listed in samba/interfaces.
Categories: service-samba
root@horn4null:~# ucr search samba
samba/adminusers: administrator
List of users with administrative rights in samba
Categories: service-samba
samba/autostart: yes
Enable/Disable Samba start on bootup
Categories: service-samba
samba/charset/display:
Charset used to print messages to stdout and stderr (should be the same as the samba/charset/unix)
Categories: service-samba
samba/charset/dos:
Charset used to communicate with DOS SMB clients
Categories: service-samba
samba/charset/unix:
Charset of the machine samba runs on
Categories: service-samba
samba/client_use_spnego: yes
Controls whether Samba clients will try to use Simple and Protected NEGOciation
Categories: service-samba
samba/deadtime: 15
Time span of inactivity in minutes before a connection is considered dead and eventually disconnected
Categories: service-samba
samba/debug/level: 0
Debug level for samba processes
Categories: service-samba
samba/domain/logons: auto
Enables/Disables support for windows 9X network logons and NT4 style domain services (valid values: no/auto/yes)
Categories: service-samba
samba/domainmaster:
Try to acts as domain master browser
Categories: service-samba
samba/enable-msdfs:
Act as a DFS server and allow DFS-aware clients to browse DFS trees
Categories: service-samba
samba/enable-privileges:
Honor privileges assigned to specific SIDs
Categories: service-samba
samba/encrypt_passwords: yes
Negotiate encrypted passwords with the client
Categories: service-samba
samba/generate_smbpasswd: false
Enable/Disable usage of the local TDBSAM database on Samba installation
Categories: service-samba
samba/getwd_cache: yes
Enables a caching algorithm to reduce the time taken for getwd() calls
Categories: service-samba
samba/guest_account: nobody
Username for unauthenticated services (guest ok)
Categories: service-samba
samba/homedirletter: I
Drive for the home directory
Categories: service-samba
samba/homedirpath: %U
Path to the home directory for Win95/98 or NT workstations
Categories: service-samba
samba/homedirserver: horn4null
Fully qualified domain name of the server providing the home directories
Categories: service-samba
samba/idmap/domains:
Domain names of Windows domains for which SID to posix ID mappings should be resolved via idmap_ldap by an authenticated LDAP search in the UCS directory service
Categories: service-samba
samba/interfaces/bindonly:
Limits Samba to listen only on the interfaces listed in samba/interfaces.
Categories: service-samba
samba/invalid_users: daemon bin sys sync games man lp mail news uucp proxy majordom postgres www-data backup msql operator list irc gnats alias qmaild qmails qmailr qmailq qmaill qmailp telnetd identd ftp rwhod gdm fetchmail faxmaster
List of users that are not allowed to login to this samba service
Categories: service-samba
samba/kernel_oplocks: yes
Turns the use of kernel based oplocks on/off
Categories: service-samba
samba/large_readwrite: yes
Enable/disable the 64k streaming read and write varient SMB requests
Categories: service-samba
samba/ldap/replication/sleep:
Milliseconds to wait for the LDAP replication to finish
Categories: service-samba
samba/logonscript:
Path to netlogon script (relative to the [netlogon] service)
Categories: service-samba
samba/map_to_guest: Bad User
What to do with user login requests that don’t match a valid UNIX user
Categories: service-samba
samba/max_xmit: 65535
Maximum packet size that will be negotiated
Categories: service-samba
samba/netbios/aliases:
Additional NetBIOS names under which the Samba server is known
Categories: service-samba
samba/netbios/filter:
Regular expression matching the hosts to appear in the browse list
Categories: service-samba
samba/netlogon/sync: sync
Adjust synchronisation of samba netlogon scripts
Categories: service-samba
samba/oplocks: yes
Issue oplocks to file open requests
Categories: service-samba
samba/os/level: 65
The level Samba advertises itself as for browse elections
Categories: service-samba
samba/preserve_case: yes
Controls if new filenames are created with the case that the client passes, or if they are forced to be the default case
Categories: service-samba
samba/profilepath: %U\windows-profiles%a
Specifies the directory where roaming profiles are stored
Categories: service-samba
samba/profileserver: horn4null
Specifies the samba server where roaming profiles are stored
Categories: service-samba
samba/read_raw: yes
Support 64 kByte packets when transferring data to clients
Categories: service-samba
samba/script/addgroup: true
samba/script/addmachine: true
samba/script/adduser: true
samba/script/addusertogroup: true
samba/script/deletegroup: true
samba/script/deleteuser: true
samba/script/deleteuserfromgroup: true
samba/script/postusermodify: false
samba/script/setprimarygroup: true
samba/serverstring:
String that will show up in printer comment box and ‘net view’
Categories: service-samba
samba/share/groups: no
Enable/Disable the group share
Categories: service-samba
samba/share/home: yes
Enable/Disable the home directory share
Categories: service-samba
samba/short_preserve_case: yes
Controls if new files which conform to 8.3 (DOS) syntax are created upper case, or if they are forced to be the default case
Categories: service-samba
samba/socket_options:
Extra socket options to be used when talking with the client
Categories: service-samba
samba/store_dos_attributes: yes
Attempt to read DOS attributes from a filesystem extended attribute, before mapping DOS attributes to UNIX permission bits
Categories: service-samba
samba/time_server: yes
Advertises samba as a time server to Windows clients
Categories: service-samba
samba/use_spnego: yes
Try to use Simple and Protected NEGOciation with Windows 2000 and XP clients
Categories: service-samba
samba/user: cn=admin,dc=martina,dc=at
Alternative LDAP admin DN
Categories: service-samba
samba/winbind/nested/groups: no
Enables/Disables support for nested groups
Categories: service-samba
samba/winbind/trusted/domains/only: yes
Allow Samba member-servers of a samba domain to use UNIX accounts distributet via LDAP/NIS/rsync as the uid’s for winbindd users
Categories: service-samba
samba/write_raw: yes
Enable the Server to write raw SMBs when transfering data from clients
Categories: service-samba
[/code]
LG
Franz
(geht bei euch dir Signatur? bei mir nicht 
)
Hallo,
kann der Name des NT Servers vom UCS System aus problemlos aufgelöst werden?
Mit freundlichen Grüssen
Tobias Scherer
leider geht der nslookup horn4null
;; Got SERVFAIL reply from 192.168.0.117, trying next server
;; Got SERVFAIL reply from 192.168.0.117, trying next server
Server: 192.168.0.1
Address: 192.168.0.1#53
** server can’t find horn4null: NXDOMAIN
und auf nt4null nicht
reverse Lookup geht also IP auf name.
LG
Franz
Ich werde für meinen Test den Server neu aufsetzten mit der gleichen domäne damit ich ein jungfreuliches System habe.
LG
Franz
Sehr gut jetzt habe ich einen funktionierenden UCS / DNS
nslookup nt4null
;; Got SERVFAIL reply from 192.168.0.117, trying next server
Server: 192.168.0.1
Address: 192.168.0.1#53
** server can't find nt4null: NXDOMAIN
root@horn4null:~# /etc/init.d/univention-bind
univention-bind univention-bind-proxy
root@horn4null:~# /etc/init.d/univention-bind restart
* Restarting univention-bind daemon:
ok: run: univention-bind: (pid 9405) 0s, normally down
...done.
root@horn4null:~# nslookup nt4null
Server: 192.168.0.117
Address: 192.168.0.117#53
Name: nt4null.martina.local
Address: 192.168.0.116[/code]
teste jetzt ob es funktioniert.
weiterer Test:
[b]univention-pdc-takeover -w 192.168.0.116 -D martina.local -S nt4null -U Administrator[/b][code]
univention-pdc-takeover: Import Accounts and Groups from Windows NT
copyright (c) 2001-2009 Univention GmbH, Germany
Password:
stopping Samba PDC... OK.
deleting local cache... OK.
looking up previous Windows PDC for "martina.local"... OK.
restart nscd... OK.
Join into Domain...OK
Vampire NT Domain...
ERROR during takeover:
Failed to vampire NT domain[/code]
[b]less +F /var/log/univention/pdc-takeover.log[/b]
[code]stopping Samba PDC...
* Stopping Samba daemons: nmbd
* Stopping Samba daemons: smbd
...done.
OK.
deleting local cache...
OK.
looking up previous Windows PDC for "martina.local"...
ERROR during takeover:
failed to lookup Windows PDC, check if Domain is reachable
stopping Samba PDC...
* Stopping Samba daemons: nmbd
* Stopping Samba daemons: smbd
...done.
OK.
deleting local cache...
OK.
looking up previous Windows PDC for "martina.local"...
192.168.0.116
OK.
restart nscd...
* Restarting NSCD
.
OK.
Setting windows/domain
Multifile: /etc/samba/smb.conf
Join into Domain...
Joined domain MARTINA.LOCAL.
OK
Vampire NT Domain...
[2010/04/12 13:45:17, 0] rpc_client/cli_pipe.c:cli_rpc_pipe_open_schannel(3377)
cli_rpc_pipe_open_schannel: failed to get schannel session key from server nt4null for domain MARTINA.LOCAL.
[2010/04/12 13:45:17, 0] utils/net_rpc.c:run_rpc_command(165)
Could not initialise schannel netlogon pipe. Error was NT_STATUS_INVALID_NETWORK_RESPONSE
ERROR during takeover:
Failed to vampire NT domainLG
Franz
Hallo,
bin am verzweifeln mit euren UCServern,
hab jetzt einen UCS neu aufgesetzt 2.2.0
versucht die NT 4.0 Domäne zu übernehmen.
Leider liegt es auch nicht an der neueren UCS Version 2.3
DNS stimmt:
[code]root@horn4null:~# nslookup nt4null
Server: 192.168.0.118
Address: 192.168.0.118#53
Name: nt4null.martina.local
Address: 192.168.0.116[/code]
ping geht:
ping nt4null
PING nt4null.martina.local (192.168.0.116) 56(84) bytes of data.
64 bytes from nt4null.martina.local (192.168.0.116): icmp_seq=1 ttl=128 time=4.79 ms
64 bytes from nt4null.martina.local (192.168.0.116): icmp_seq=2 ttl=128 time=1.07 ms
64 bytes from nt4null.martina.local (192.168.0.116): icmp_seq=3 ttl=128 time=0.466 ms
64 bytes from nt4null.martina.local (192.168.0.116): icmp_seq=4 ttl=128 time=0.461 ms
64 bytes from nt4null.martina.local (192.168.0.116): icmp_seq=5 ttl=128 time=1.03 ms
egal mit welchen Namen ob kurz oder lang es funktioniert nicht.
[code]univention-pdc-takeover
univention-pdc-takeover: Import Accounts and Groups from Windows NT
copyright © 2001-2009 Univention GmbH, Germany
Domainname: martina.local
PDC Hostname: nt4null
Administrator Account: Administrator
Password:
stopping Samba PDC… OK.
deleting local cache… OK.
looking up previous Windows PDC for “martina.local”…
ERROR during takeover:
failed to lookup Windows PDC, check if Domain is reachable
root@horn4null:~# univention-pdc-takeover
univention-pdc-takeover: Import Accounts and Groups from Windows NT
copyright © 2001-2009 Univention GmbH, Germany
Domainname: martina
PDC Hostname: nt4null
Administrator Account: Administrator
Password:
stopping Samba PDC… OK.
deleting local cache… OK.
looking up previous Windows PDC for “martina”…
ERROR during takeover:
failed to lookup Windows PDC, check if Domain is reachable
[/code]
in der Logdatei less +F /var/log/univention/pdc-takeover.log steht:
stopping Samba PDC...
Stopping Samba daemons: nmbd smbd.
OK.
deleting local cache...
OK.
looking up previous Windows PDC for "martina.local"...
ERROR during takeover:
failed to lookup Windows PDC, check if Domain is reachable
stopping Samba PDC...
Stopping Samba daemons: nmbd smbd.
OK.
deleting local cache...
OK.
looking up previous Windows PDC for "martina"...
ERROR during takeover:
failed to lookup Windows PDC, check if Domain is reachable
stopping Samba PDC...
Stopping Samba daemons: nmbd smbd.
OK.
deleting local cache...
OK.
looking up previous Windows PDC for "martina.local"...
ERROR during takeover:
failed to lookup Windows PDC, check if Domain is reachable
stopping Samba PDC...
Stopping Samba daemons: nmbd smbd.
OK.
deleting local cache...
OK.
looking up previous Windows PDC for "martina"...
ERROR during takeover:
failed to lookup Windows PDC, check if Domain is reachable
Bei den Scripten gibt es keinen Versionsunterschied wie ich feststellen konnte:
[code]univention-pdc-takeover.old --version
univention-pdc-takeover: Import Accounts and Groups from Windows NT
copyright © 2001-2009 Univention GmbH, Germany
univention-pdc-takeover 3.0.11-2.173.200903101333
root@horn4null:~# univention-pdc-takeover --version
univention-pdc-takeover: Import Accounts and Groups from Windows NT
copyright © 2001-2009 Univention GmbH, Germany
univention-pdc-takeover 3.0.11-2.173.200903101333[/code]
LG
Franz
Hallo,
Handelt es sich bei “nt4null” um den PDC oder einen BDC oder Memberserver der alten Domäne?
Mit freundlichen Grüssen
Tobias Scherer
um einen neu aufgesetzten NT 4.0 PDC Build 1381 SP 1 steht beim Bootvorgang.
ein paar user und ein paar Gruppen angelegt.
ist das ok wenn ich die gleiche Dom bei UCS so wie bei NT 4.0 hab?
UCS ist PDC mit der gleichen Domäne.
hab einen kurzen Test gemacht mit der Version:
[code]univention-pdc-takeover --version
univention-pdc-takeover: Import Accounts and Groups from Windows NT
copyright © 2001-2009 Univention GmbH, Germany
univention-pdc-takeover 3.0.14-1.186.200907071420
root@horn4null:~# univention-pdc-takeover.old --version
univention-pdc-takeover: Import Accounts and Groups from Windows NT
copyright © 2001-2009 Univention GmbH, Germany
univention-pdc-takeover 3.0.14-1.186.200907071420[/code]
leider auch mit dem gleichem ergebniss:
[code]univention-pdc-takeover
univention-pdc-takeover: Import Accounts and Groups from Windows NT
copyright © 2001-2009 Univention GmbH, Germany
Domainname: martina.local
PDC Hostname: nt4null
Administrator Account: Administrator
Password:
stopping Samba PDC… OK.
deleting local cache… OK.
looking up previous Windows PDC for “martina.local”… OK.
restart nscd… OK.
Join into Domain…OK
Vampire NT Domain…
ERROR during takeover:
Failed to vampire NT domain
[/code]
LG
Franz
Hallo,
wenn ich mir die Auszüge der Logdateien anschaue scheint es als wären eine ganze Reihe unterschiedliche Probleme aufgetreten. Um sicher zu stellen dass wir jetzt mit den gleichen Informationen Arbeiten, beantworten Sie bitte die folgenden Punkte:
Bitte hängen Sie zusätzlich die Logdatei des letzten Takeover Prozesses an.
Mit freundlichen Grüßen
Janis Meybohm
Hallo,
soweit bekannt haben wir das Verfahren intern mit NT4.0 SP6 getestet. Besteht die Möglichkeit dass Sie das NT-System auf SP6 aktualisieren und den PDC-Takeover noch einmal durchführen?
Mit freundlichen Grüßen
Janis Meybohm
Na das ist mal ein Ansatz der mich weiterbringt Danke ich werde das testen.
LG
Franz
Windows NT SP6
Beim univention-pdc-takeover tritt ein Fehler auf, kann die Domäne nicht beitreten:
Join into Domain…
[2010/06/22 19:01:53, 0] utils/net_rpc_join.c:net_rpc_join_newstyle(402)
Error in domain join verification (credential setup failed): NT_STATUS_INVALID_COMPUTER_NAME
Unable to join domain KSOFTCOM.
ERROR during takeover:
Failed to join domain
Mit einem Windows XP Client funktionert der Beitritt Problemlos.
Woran kanns liegen??
Danke!
Danke, hat sich erledigt…
Hab Bei Hostname die IP angegeben anstatt des Hostnamens :-)…
lg