Takeover scheitert kann alternativ der UCS Mitgliedsserver hochgestuft werden?

Hallo,

Wir probieren gerade ein Takeover an einem Win2008 ( nicht R2 )
leider kommen Wir nicht wirklich weiter .

Was gut funktioniert war einen Mitgliedsserver in die Domäne einzutragen
Wir können die Benutzer und Gruppen im UCS soweit sehen.

Fragen:

ist es möglich den UNS-Mitgliedserver zum neuen AD ohne das Takeover zu machen
oder
Ist es möglich einen neuen UCS als UNS-Domainserver zu installieren und das AD
bsp über JXPlorer zu übertragen , damit wir die Daten ( Benutzer / Gruppen / PC )
nicht verloren sind ,

leider sind am Windows DC nicht mehr viele Optionen offen, da dieser auf Blech
läuft und so leise vor sich hin stirbt

hier das LogFile des Take-Over ggf kann dort jemand erkennen warum das nicht funktioniert:

2019-08-15 15:47:08,039 Found account Gast with well known RID 501 (Guest)
2019-08-15 15:47:08,040 Found account Administrator with well known RID 500 (Administrator)
2019-08-15 15:47:08,040 Found account krbtgt with well known RID 502 (KRBTGT)
2019-08-15 15:47:08,062 Found group Domänencomputer with well known RID 515 (Domain Computers)
2019-08-15 15:47:08,063 Found group Domänen-Benutzer with well known RID 513 (Domain Users)
2019-08-15 15:47:08,063 Found group RAS- und IAS-Server with well known RID 553 (RAS and IAS Servers)
2019-08-15 15:47:08,063 Found group Domänen-Gäste with well known RID 514 (Domain Guests)
2019-08-15 15:47:08,063 Found group Zertifikatherausgeber with well known RID 517 (Cert Publishers)
2019-08-15 15:47:08,063 Found group Richtlinien-Ersteller-Besitzer with well known RID 520 (Group Policy Creator Owners)
2019-08-15 15:47:08,064 Found group Schema-Admins with well known RID 518 (Schema Admins)
2019-08-15 15:47:08,064 Found group Organisations-Admins with well known RID 519 (Enterprise Admins)
2019-08-15 15:47:08,064 Found group Domänen-Admins with well known RID 512 (Domain Admins)
2019-08-15 15:47:08,064 Found group Domänencontroller with well known RID 516 (Domain Controllers)
2019-08-15 15:47:08,064 Found group Zulässige RODC-Kennwortreplikationsgruppe with well known RID 571 (Allowed RODC Password Replication Group)
2019-08-15 15:47:08,064 Found group Abgelehnte RODC-Kennwortreplikationsgruppe with well known RID 572 (Denied RODC Password Replication Group)
2019-08-15 15:47:08,064 Found group Domänencontroller ohne Schreibzugriff with well known RID 521 (Read-Only Domain Controllers)
2019-08-15 15:47:08,065 Found group Domänencontroller der Organisation ohne Schreibzugriff with well known RID 498 (Enterprise Read-only Domain Controllers)
2019-08-15 15:47:08,115 determine_license for current UCS Users: 1 of unlimited
2019-08-15 15:47:08,115   0 Systemaccounts are ignored.
2019-08-15 15:47:08,115 Found 571 Benutzer objects on the remote server.
2019-08-15 15:47:10,555 INFO: Time difference is less than 180 seconds, skipping reset of local time
2019-08-15 15:47:10,577 Starting phase I of the takeover process.
2019-08-15 15:47:10,578 Calling: univention-config-registry set hosts/static/192.168.20.1=DC1.S-WURST.local DC1
2019-08-15 15:47:10,840 Create hosts/static/192.168.20.1
2019-08-15 15:47:10,841 Multifile: /etc/hosts
2019-08-15 15:47:10,853 Calling: /etc/init.d/univention-s4-connector stop
2019-08-15 15:47:10,957 Stopping univention-s4-connector (via systemctl): univention-s4-connector.service.
2019-08-15 15:47:10,957 Calling: /etc/init.d/samba-ad-dc stop
2019-08-15 15:47:11,113 Stopping samba-ad-dc (via systemctl): samba-ad-dc.service.
2019-08-15 15:47:11,115 Calling: univention-config-registry set nameserver1/local=127.0.0.1 nameserver1=192.168.20.1 directory/manager/web/modules/users/user/properties/username/syntax=string directory/manager/web/modules/groups/group/properties/name/syntax=string dns/backend=ldap
2019-08-15 15:47:11,540 Create nameserver1/local
2019-08-15 15:47:11,548 Calling: /etc/init.d/nscd stop
2019-08-15 15:47:11,670 Stopping nscd (via systemctl): nscd.service.
2019-08-15 15:47:11,670 Calling: /etc/init.d/bind9 restart
2019-08-15 15:47:12,874 Restarting bind9 (via systemctl): bind9.service.
2019-08-15 15:47:12,875 Starting Samba domain join.
2019-08-15 15:47:22,499 INFO 2019-08-15 15:47:22,498 pid:11577 /usr/lib/python2.7/dist-packages/samba/join.py #1519: workgroup is S-WURST
2019-08-15 15:47:22,500 INFO 2019-08-15 15:47:22,498 pid:11577 /usr/lib/python2.7/dist-packages/samba/join.py #1522: realm is S-WURST.local
2019-08-15 15:47:55,180 Could not find machine account in secrets database: Failed to fetch machine account password from secrets.ldb: Could not find entry to match filter: '(&(flatname=S-WURST)(objectclass=primaryDomain))' base: 'cn=Primary Domains': No such object: dsdb_search at ../../source4/dsdb/common/util.c:4712 and failed to open /var/lib/samba/private/secrets.tdb: NT_STATUS_CANT_ACCESS_DOMAIN_INFO
2019-08-15 15:47:55,199 ERROR(ldb): uncaught exception - LDAP error 51 LDAP_BUSY -  <000021A2: SvcErr: DSID-030A0AF2, problem 5001 (BUSY), data 0
2019-08-15 15:47:55,200 > <>
2019-08-15 15:47:55,200   File "/usr/lib/python2.7/dist-packages/samba/netcmd/__init__.py", line 184, in _run
2019-08-15 15:47:55,200     return self.run(*args, **kwargs)
2019-08-15 15:47:55,200   File "/usr/lib/python2.7/dist-packages/samba/netcmd/domain.py", line 699, in run
2019-08-15 15:47:55,200     backend_store=backend_store)
2019-08-15 15:47:55,201   File "/usr/lib/python2.7/dist-packages/samba/join.py", line 1535, in join_DC
2019-08-15 15:47:55,201     ctx.do_join()
2019-08-15 15:47:55,201   File "/usr/lib/python2.7/dist-packages/samba/join.py", line 1427, in do_join
2019-08-15 15:47:55,201     ctx.join_add_objects()
2019-08-15 15:47:55,201   File "/usr/lib/python2.7/dist-packages/samba/join.py", line 698, in join_add_objects
2019-08-15 15:47:55,202     ctx.samdb.modify(m)
2019-08-15 15:47:55,202 Adding CN=UCS-1,OU=Domain Controllers,DC=S-WURST,DC=local
2019-08-15 15:47:55,202 Adding CN=UCS-1,CN=Servers,CN=Standardname-des-ersten-Standorts,CN=Sites,CN=Configuration,DC=S-WURST,DC=local
2019-08-15 15:47:55,203 Adding CN=NTDS Settings,CN=UCS-1,CN=Servers,CN=Standardname-des-ersten-Standorts,CN=Sites,CN=Configuration,DC=S-WURST,DC=local
2019-08-15 15:47:55,203 Join failed - cleaning up
2019-08-15 15:47:55,203 Deleted CN=UCS-1,OU=Domain Controllers,DC=S-WURST,DC=local
2019-08-15 15:47:55,203 Deleted CN=NTDS Settings,CN=UCS-1,CN=Servers,CN=Standardname-des-ersten-Standorts,CN=Sites,CN=Configuration,DC=S-WURST,DC=local
2019-08-15 15:47:55,204 Deleted CN=UCS-1,CN=Servers,CN=Standardname-des-ersten-Standorts,CN=Sites,CN=Configuration,DC=S-WURST,DC=local
2019-08-15 15:47:55,227 Calling: univention-config-registry unset hosts/static/192.168.20.1
2019-08-15 15:47:55,487 Unsetting hosts/static/192.168.20.1
2019-08-15 15:47:55,488 Multifile: /etc/hosts
2019-08-15 15:47:55,489 Calling: /etc/init.d/samba-ad-dc start
2019-08-15 15:47:56,130 Starting samba-ad-dc (via systemctl): samba-ad-dc.service.
2019-08-15 15:47:56,130 Calling: /etc/init.d/univention-s4-connector start
2019-08-15 15:48:02,815 Starting univention-s4-connector (via systemctl): univention-s4-connector.service.
2019-08-15 15:48:02,815 Calling: univention-config-registry set nameserver1=127.0.0.1
2019-08-15 15:48:03,031 Setting nameserver1
2019-08-15 15:48:03,032 File: /etc/resolv.conf
2019-08-15 15:48:03,034 Calling: univention-config-registry unset nameserver1/local
2019-08-15 15:48:03,234 Unsetting nameserver1/local
2019-08-15 15:48:03,234 File: /etc/resolv.conf
2019-08-15 15:48:03,252 Calling: univention-config-registry set dns/backend=samba4
2019-08-15 15:48:03,529 Setting dns/backend
2019-08-15 15:48:03,530 Calling: /etc/init.d/bind9 restart
2019-08-15 15:48:04,726 Restarting bind9 (via systemctl): bind9.service.
2019-08-15 15:48:04,726 Calling: /etc/init.d/nscd restart
2019-08-15 15:48:04,806 Restarting nscd (via systemctl): nscd.service.
2019-08-15 15:48:04,806 Der Domänenbeitritt schlug fehl, die Logdatei /var/log/univention/ad-takeover.log enthält genauere Details.
Mastodon