univention-samba4 (4.0.3-2.600.201411181758) wird eingerichtet ... Neue Version der Konfigurationsdatei /etc/univention/templates/files/etc/pam.d/samba wird installiert ... Neue Version der Konfigurationsdatei /etc/univention/templates/files/etc/logrotate.d/samba wird installiert ... Neue Version der Konfigurationsdatei /etc/univention/templates/files/etc/logrotate.d/winbind wird installiert ... Neue Version der Konfigurationsdatei /etc/univention/templates/files/etc/samba/base.conf wird installiert ... Neue Version der Konfigurationsdatei /etc/univention/templates/files/etc/samba/smb.conf.d/71univention-samba_users wird installiert ... Neue Version der Konfigurationsdatei /etc/univention/templates/files/etc/samba/smb.conf.d/21univention-samba_winbind wird installiert ... Neue Version der Konfigurationsdatei /etc/univention/templates/files/etc/samba/smb.conf.d/41univention-samba_printing wird installiert ... Neue Version der Konfigurationsdatei /etc/univention/templates/files/etc/samba/smb.conf.d/51univention-samba_domain wird installiert ... Neue Version der Konfigurationsdatei /etc/univention/templates/files/etc/samba/smb.conf.d/61univention-samba_misc wird installiert ... Neue Version der Konfigurationsdatei /etc/univention/templates/files/etc/samba/smb.conf.d/31univention-samba_password wird installiert ... Neue Version der Konfigurationsdatei /etc/univention/templates/files/etc/samba/smb.conf.d/99univention-samba_local_shares wird installiert ... W: failed to convert the username messagebus to the uid File: /etc/logrotate.d/univention-samba4 File: /etc/pam.d/samba File: /etc/cron.d/univention-samba4-backup File: /etc/logrotate.d/winbind File: /etc/logrotate.d/samba File: /etc/samba/base.conf Multifile: /etc/samba/smb.conf dpkg-statoverride: Fehler: Ein Override für »/var/log/samba« existiert bereits, Abbruch Create samba/share/home Create samba/share/groups Create samba/adminusers Create samba/encrypt_passwords Create samba/use_spnego Create samba/oplocks Create samba/kernel_oplocks Create samba/large_readwrite Create samba/deadtime Create samba/read_raw Create samba/write_raw Create samba/max_xmit Create samba/max_open_files Create samba/getwd_cache Create samba/store_dos_attributes Create samba/preserve_case Create samba/short_preserve_case Create samba/guest_account Create samba/map_to_guest Create samba/max/protocol Create samba/enable-msdfs Not updating samba/acl/allow/execute/always File: /etc/samba/base.conf Multifile: /etc/samba/smb.conf Create samba/profileserver Create samba/profilepath Create samba/homedirserver Create samba/homedirpath Create samba/homedirletter Multifile: /etc/samba/smb.conf Create samba/debug/level Create samba4/sysvol/sync/jitter Create samba4/service/smb Create samba4/service/nmb Not updating samba4/ntacl/backend Create samba4/sysvol/sync/setfacl/AU Create samba4/backup/cron File: /etc/samba/base.conf File: /etc/cron.d/sysvol-sync File: /etc/cron.d/univention-samba4-backup Multifile: /etc/samba/smb.conf Create security/packetfilter/package/univention-samba4/tcp/389/all Create security/packetfilter/package/univention-samba4/tcp/389/all/en Create security/packetfilter/package/univention-samba4/udp/389/all Create security/packetfilter/package/univention-samba4/udp/389/all/en Create security/packetfilter/package/univention-samba4/tcp/636/all Create security/packetfilter/package/univention-samba4/tcp/636/all/en Create security/packetfilter/package/univention-samba4/tcp/53/all Create security/packetfilter/package/univention-samba4/tcp/53/all/en Create security/packetfilter/package/univention-samba4/udp/53/all Create security/packetfilter/package/univention-samba4/udp/53/all/en Create security/packetfilter/package/univention-samba4/udp/123/all Create security/packetfilter/package/univention-samba4/udp/123/all/en Create security/packetfilter/package/univention-samba4/tcp/135/all Create security/packetfilter/package/univention-samba4/tcp/135/all/en Create security/packetfilter/package/univention-samba4/tcp/137:139/all Create security/packetfilter/package/univention-samba4/tcp/137:139/all/en Create security/packetfilter/package/univention-samba4/udp/137:139/all Create security/packetfilter/package/univention-samba4/udp/137:139/all/en Create security/packetfilter/package/univention-samba4/tcp/445/all Create security/packetfilter/package/univention-samba4/tcp/445/all/en Create security/packetfilter/package/univention-samba4/udp/445/all Create security/packetfilter/package/univention-samba4/udp/445/all/en Create security/packetfilter/package/univention-samba4/tcp/1024/all Create security/packetfilter/package/univention-samba4/tcp/1024/all/en Create security/packetfilter/package/univention-samba4/tcp/3268/all Create security/packetfilter/package/univention-samba4/tcp/3268/all/en Create security/packetfilter/package/univention-samba4/tcp/3269/all Create security/packetfilter/package/univention-samba4/tcp/3269/all/en Create security/packetfilter/package/univention-samba4/tcp/88/all Create security/packetfilter/package/univention-samba4/tcp/88/all/en Create security/packetfilter/package/univention-samba4/udp/88/all Create security/packetfilter/package/univention-samba4/udp/88/all/en Create security/packetfilter/package/univention-samba4/tcp/464/all Create security/packetfilter/package/univention-samba4/tcp/464/all/en Create security/packetfilter/package/univention-samba4/udp/464/all Create security/packetfilter/package/univention-samba4/udp/464/all/en Create security/packetfilter/package/univention-samba4/tcp/749/all Create security/packetfilter/package/univention-samba4/tcp/749/all/en File: /etc/security/packetfilter.d/10_univention-firewall_start.sh File: /etc/security/packetfilter.d/80_univention-firewall_policy.sh [ ok ] Stopping Univention iptables configuration::. [ ok ] Starting Univention iptables configuration::. Create samba4/autostart Multifile: /etc/samba/smb.conf Create samba/domain/master Multifile: /etc/samba/smb.conf [ ok ] Stopping NTP server: ntpd. [ ok ] Starting NTP server: ntpd. [info] Restarting univention-directory-listener daemon. ok: run: univention-directory-listener: (pid 12947) 0s, normally down done. Calling joinscript 96univention-samba4.inst ... WARNING: It is not possible to install a samba 4 domaincontroller into a samba 3 environment. samba4/ignore/mixsetup is true. Continue as requested Create samba4/role File: /etc/samba/base.conf Multifile: /etc/samba/smb.conf Multifile: /etc/samba/smb.conf Setting samba/quota/command Multifile: /etc/samba/smb.conf [ ok ] Stopping Samba AD DC daemon: samba. Samba is configured as AD DC, service smbd is controlled by the main samba daemon. [ ok ] Stopping NetBIOS name server: nmbd. Stopping Heimdal password server: kpasswdd. Stopping Heimdal KDC: heimdal-kdc. Setting samba/autostart Create winbind/autostart Setting kerberos/autostart Multifile: /etc/samba/smb.conf Setting samba4/autostart Multifile: /etc/samba/smb.conf Create samba4/ldap/base Multifile: /etc/samba/smb.conf Object created: cn=Builtin,dc=ar40s3,dc=qa Object created: cn=Authenticated Users,cn=Builtin,dc=ar40s3,dc=qa modifying entry "cn=Authenticated Users,cn=Builtin,dc=ar40s3,dc=qa" Object modified: cn=Authenticated Users,cn=Builtin,dc=ar40s3,dc=qa Object created: cn=World Authority,cn=Builtin,dc=ar40s3,dc=qa modifying entry "cn=World Authority,cn=Builtin,dc=ar40s3,dc=qa" Object created: cn=Everyone,cn=Builtin,dc=ar40s3,dc=qa modifying entry "cn=Everyone,cn=Builtin,dc=ar40s3,dc=qa" Object created: cn=Null Authority,cn=Builtin,dc=ar40s3,dc=qa modifying entry "cn=Null Authority,cn=Builtin,dc=ar40s3,dc=qa" Object created: cn=Nobody,cn=Builtin,dc=ar40s3,dc=qa modifying entry "cn=Nobody,cn=Builtin,dc=ar40s3,dc=qa" Object created: cn=Enterprise Domain Controllers,cn=groups,dc=ar40s3,dc=qa modifying entry "cn=Enterprise Domain Controllers,cn=groups,dc=ar40s3,dc=qa" Object modified: cn=Enterprise Domain Controllers,cn=groups,dc=ar40s3,dc=qa Object created: cn=Remote Interactive Logon,cn=Builtin,dc=ar40s3,dc=qa modifying entry "cn=Remote Interactive Logon,cn=Builtin,dc=ar40s3,dc=qa" Object created: cn=SChannel Authentication,cn=Builtin,dc=ar40s3,dc=qa modifying entry "cn=SChannel Authentication,cn=Builtin,dc=ar40s3,dc=qa" Object created: cn=Digest Authentication,cn=Builtin,dc=ar40s3,dc=qa modifying entry "cn=Digest Authentication,cn=Builtin,dc=ar40s3,dc=qa" Object created: cn=Terminal Server User,cn=Builtin,dc=ar40s3,dc=qa modifying entry "cn=Terminal Server User,cn=Builtin,dc=ar40s3,dc=qa" Object created: cn=NTLM Authentication,cn=Builtin,dc=ar40s3,dc=qa modifying entry "cn=NTLM Authentication,cn=Builtin,dc=ar40s3,dc=qa" Object created: cn=Other Organization,cn=Builtin,dc=ar40s3,dc=qa modifying entry "cn=Other Organization,cn=Builtin,dc=ar40s3,dc=qa" Object created: cn=This Organization,cn=Builtin,dc=ar40s3,dc=qa modifying entry "cn=This Organization,cn=Builtin,dc=ar40s3,dc=qa" Object created: cn=Anonymous Logon,cn=Builtin,dc=ar40s3,dc=qa modifying entry "cn=Anonymous Logon,cn=Builtin,dc=ar40s3,dc=qa" Object created: cn=Network Service,cn=Builtin,dc=ar40s3,dc=qa modifying entry "cn=Network Service,cn=Builtin,dc=ar40s3,dc=qa" Object created: cn=Creator Group,cn=Builtin,dc=ar40s3,dc=qa modifying entry "cn=Creator Group,cn=Builtin,dc=ar40s3,dc=qa" Object created: cn=Creator Owner,cn=Builtin,dc=ar40s3,dc=qa modifying entry "cn=Creator Owner,cn=Builtin,dc=ar40s3,dc=qa" Object created: cn=Local Service,cn=Builtin,dc=ar40s3,dc=qa modifying entry "cn=Local Service,cn=Builtin,dc=ar40s3,dc=qa" Object created: cn=Owner Rights,cn=Builtin,dc=ar40s3,dc=qa modifying entry "cn=Owner Rights,cn=Builtin,dc=ar40s3,dc=qa" Object created: cn=Interactive,cn=Builtin,dc=ar40s3,dc=qa modifying entry "cn=Interactive,cn=Builtin,dc=ar40s3,dc=qa" Object created: cn=Restricted,cn=Builtin,dc=ar40s3,dc=qa modifying entry "cn=Restricted,cn=Builtin,dc=ar40s3,dc=qa" Object created: cn=Network,cn=Builtin,dc=ar40s3,dc=qa modifying entry "cn=Network,cn=Builtin,dc=ar40s3,dc=qa" Object created: cn=Service,cn=Builtin,dc=ar40s3,dc=qa modifying entry "cn=Service,cn=Builtin,dc=ar40s3,dc=qa" Object created: cn=Dialup,cn=Builtin,dc=ar40s3,dc=qa modifying entry "cn=Dialup,cn=Builtin,dc=ar40s3,dc=qa" Object created: cn=System,cn=Builtin,dc=ar40s3,dc=qa modifying entry "cn=System,cn=Builtin,dc=ar40s3,dc=qa" Object created: cn=Batch,cn=Builtin,dc=ar40s3,dc=qa modifying entry "cn=Batch,cn=Builtin,dc=ar40s3,dc=qa" Object created: cn=Proxy,cn=Builtin,dc=ar40s3,dc=qa modifying entry "cn=Proxy,cn=Builtin,dc=ar40s3,dc=qa" Object created: cn=IUSR,cn=Builtin,dc=ar40s3,dc=qa modifying entry "cn=IUSR,cn=Builtin,dc=ar40s3,dc=qa" Object created: cn=Self,cn=Builtin,dc=ar40s3,dc=qa modifying entry "cn=Self,cn=Builtin,dc=ar40s3,dc=qa" Create samba/share/netlogon File: /etc/samba/base.conf Multifile: /etc/samba/smb.conf [ ok ] Stopping Samba AD DC daemon: samba. Samba is configured as AD DC, service smbd is controlled by the main samba daemon. [ ok ] Stopping NetBIOS name server: nmbd. Create kerberos/kdc Setting kerberos/kpasswdserver File: /etc/krb5.conf WARNING: The following Samba 3 domaincontroller have been found: master80 backup81 slave82 It is not possible to install a samba 4 domaincontroller into a samba 3 environment.samba4/ignore/mixsetup is true. Continue as requested Create samba4/function/level Multifile: /etc/samba/smb.conf Object modified: cn=Windows Hosts,cn=groups,dc=ar40s3,dc=qa Object modified: cn=DC Backup Hosts,cn=groups,dc=ar40s3,dc=qa Object modified: cn=DC Slave Hosts,cn=groups,dc=ar40s3,dc=qa Object modified: cn=Computers,cn=groups,dc=ar40s3,dc=qa E: DN is missing UPN: None Reading smb.conf WARNING: The "idmap backend" option is deprecated WARNING: The "idmap uid" option is deprecated WARNING: The "idmap gid" option is deprecated WARNING: The "use spnego" option is deprecated WARNING: No path in service IPC$ - making it unavailable! NOTE: Service IPC$ is flagged unavailable. Provisioning Exporting account policy Exporting groups GROUP 'Domain Admins' GROUP SID 'S-1-5-21-767740196-1201359957-1645096316-512' GROUP 'Domain Users' GROUP SID 'S-1-5-21-767740196-1201359957-1645096316-513' GROUP 'Domain Guests' GROUP SID 'S-1-5-21-767740196-1201359957-1645096316-514' GROUP 'Windows Hosts' GROUP SID 'S-1-5-21-767740196-1201359957-1645096316-11011' GROUP 'DC Backup Hosts' GROUP SID 'S-1-5-21-767740196-1201359957-1645096316-11012' GROUP 'DC Slave Hosts' GROUP SID 'S-1-5-21-767740196-1201359957-1645096316-11013' GROUP 'Computers' GROUP SID 'S-1-5-21-767740196-1201359957-1645096316-11015' GROUP 'Printer-Admins' GROUP SID 'S-1-5-32-550' Ignoring group 'Printer-Admins' S-1-5-32-550 listed but then not found: Unable to enumerate members for alias, (-1073741487,The specified local group does not exist.) GROUP 'Backup Join' GROUP SID 'S-1-5-21-767740196-1201359957-1645096316-11017' GROUP 'Slave Join' GROUP SID 'S-1-5-21-767740196-1201359957-1645096316-11019' GROUP 'group1' GROUP SID 'S-1-5-21-767740196-1201359957-1645096316-11021' GROUP 'group2' GROUP SID 'S-1-5-21-767740196-1201359957-1645096316-11023' GROUP 'group3' GROUP SID 'S-1-5-21-767740196-1201359957-1645096316-11025' GROUP 'Authenticated Users' GROUP SID 'S-1-5-11' Ignoring 'well known' group 'Authenticated Users' (should already be in AD, and have no members) GROUP 'World Authority' GROUP SID 'S-1-1' FAILED to get SID/rid GROUP 'Everyone' GROUP SID 'S-1-1-0' Ignoring 'well known' group 'Everyone' (should already be in AD, and have no members) GROUP 'Null Authority' GROUP SID 'S-1-0' FAILED to get SID/rid GROUP 'Nobody' GROUP SID 'S-1-0-0' Ignoring 'well known' group 'Nobody' (should already be in AD, and have no members) GROUP 'Enterprise Domain Controllers' GROUP SID 'S-1-5-9' Ignoring 'well known' group 'Enterprise Domain Controllers' (should already be in AD, and have no members) GROUP 'Remote Interactive Logon' GROUP SID 'S-1-5-14' Ignoring 'well known' group 'Remote Interactive Logon' (should already be in AD, and have no members) GROUP 'SChannel Authentication' GROUP SID 'S-1-5-64-14' Ignoring 'well known' group 'SChannel Authentication' (should already be in AD, and have no members) GROUP 'Digest Authentication' GROUP SID 'S-1-5-64-21' Ignoring 'well known' group 'Digest Authentication' (should already be in AD, and have no members) GROUP 'Terminal Server User' GROUP SID 'S-1-5-13' Ignoring 'well known' group 'Terminal Server User' (should already be in AD, and have no members) GROUP 'NTLM Authentication' GROUP SID 'S-1-5-64-10' Ignoring 'well known' group 'NTLM Authentication' (should already be in AD, and have no members) GROUP 'Other Organization' GROUP SID 'S-1-5-1000' Ignoring 'well known' group 'Other Organization' (should already be in AD, and have no members) GROUP 'This Organization' GROUP SID 'S-1-5-15' Ignoring 'well known' group 'This Organization' (should already be in AD, and have no members) GROUP 'Anonymous Logon' GROUP SID 'S-1-5-7' Ignoring 'well known' group 'Anonymous Logon' (should already be in AD, and have no members) GROUP 'Network Service' GROUP SID 'S-1-5-20' Ignoring 'well known' group 'Network Service' (should already be in AD, and have no members) GROUP 'Creator Group' GROUP SID 'S-1-3-1' Ignoring 'well known' group 'Creator Group' (should already be in AD, and have no members) GROUP 'Creator Owner' GROUP SID 'S-1-3-0' Ignoring 'well known' group 'Creator Owner' (should already be in AD, and have no members) GROUP 'Local Service' GROUP SID 'S-1-5-19' Ignoring 'well known' group 'Local Service' (should already be in AD, and have no members) GROUP 'Owner Rights' GROUP SID 'S-1-3-4' Ignoring 'well known' group 'Owner Rights' (should already be in AD, and have no members) GROUP 'Interactive' GROUP SID 'S-1-5-4' Ignoring 'well known' group 'Interactive' (should already be in AD, and have no members) GROUP 'Restricted' GROUP SID 'S-1-5-12' Ignoring 'well known' group 'Restricted' (should already be in AD, and have no members) GROUP 'Network' GROUP SID 'S-1-5-2' Ignoring 'well known' group 'Network' (should already be in AD, and have no members) GROUP 'Service' GROUP SID 'S-1-5-6' Ignoring 'well known' group 'Service' (should already be in AD, and have no members) GROUP 'Dialup' GROUP SID 'S-1-5-1' Ignoring 'well known' group 'Dialup' (should already be in AD, and have no members) GROUP 'System' GROUP SID 'S-1-5-18' Ignoring 'well known' group 'System' (should already be in AD, and have no members) GROUP 'Batch' GROUP SID 'S-1-5-3' Ignoring 'well known' group 'Batch' (should already be in AD, and have no members) GROUP 'Proxy' GROUP SID 'S-1-5-8' Ignoring 'well known' group 'Proxy' (should already be in AD, and have no members) GROUP 'IUSR' GROUP SID 'S-1-5-17' Ignoring 'well known' group 'IUSR' (should already be in AD, and have no members) GROUP 'Self' GROUP SID 'S-1-5-10' Ignoring 'well known' group 'Self' (should already be in AD, and have no members) Exporting users Skipping wellknown rid=500 (for username=Administrator) Skipping BDC account for backup81, this DC must be re-joined Skipping BDC account for slave82, this DC must be re-joined Next rid = 11026 Exporting posix attributes Reading WINS database Looking up IPv4 addresses Looking up IPv6 addresses No IPv6 address will be assigned Setting up share.ldb Setting up secrets.ldb Setting up the registry Setting up the privileges database Setting up idmap db Setting up SAM db Setting up sam.ldb partitions and settings Setting up sam.ldb rootDSE Pre-loading the Samba 4 and AD schema Adding DomainDN: DC=ar40s3,DC=qa Adding configuration container Setting up sam.ldb schema Setting up sam.ldb configuration data Setting up display specifiers Modifying display specifiers Adding users container Modifying users container Adding computers container Modifying computers container Setting up sam.ldb data Setting up well known security principals Setting up sam.ldb users and groups Setting up self join Setting acl on sysvol skipped Adding DNS accounts Creating CN=MicrosoftDNS,CN=System,DC=ar40s3,DC=qa Creating DomainDnsZones and ForestDnsZones partitions Populating DomainDnsZones and ForestDnsZones partitions Setting up sam.ldb rootDSE marking as synchronized Fixing provision GUIDs A Kerberos configuration suitable for Samba 4 has been generated at /var/lib/samba/private/krb5.conf Setting up fake yp server settings Once the above files are installed, your Samba4 server will be ready to use Admin password: oj]L_Em%$$2PM;l Server Role: active directory domain controller Hostname: master80 NetBIOS Domain: AR40S3 DNS Domain: ar40s3.qa DOMAIN SID: S-1-5-21-767740196-1201359957-1645096316 Importing WINS database Importing Account policy Importing idmap database Cannot open idmap database, Ignoring: [Errno 2] No such file or directory Adding groups Importing groups Group already exists sid=S-1-5-21-767740196-1201359957-1645096316-512, groupname=Domain Admins existing_groupname=Domain Admins, Ignoring. Group already exists sid=S-1-5-21-767740196-1201359957-1645096316-513, groupname=Domain Users existing_groupname=Domain Users, Ignoring. Group already exists sid=S-1-5-21-767740196-1201359957-1645096316-514, groupname=Domain Guests existing_groupname=Domain Guests, Ignoring. Group already exists sid=S-1-5-32-550, groupname=Printer-Admins existing_groupname=Print Operators, Ignoring. Could not modify AD idmap entry for sid=S-1-5-11, id=5013, type=ID_TYPE_GID ((32, "Duplicate base-DN matches found for ''")) Could not add posix attrs for AD entry for sid=S-1-5-11, ((32, "Duplicate base-DN matches found for ''")) Failed to split sid for World Authority Could not modify AD idmap entry for sid=S-1-1, id=5014, type=ID_TYPE_GID ((32, "Base-DN '' not found")) Could not add posix attrs for AD entry for sid=S-1-1, ((32, "Base-DN '' not found")) Group already exists as foreignSecurityPrincipal sid=S-1-1-0, groupname=Everyone existing_groupname=Everyone, Ignoring. Could not modify AD idmap entry for sid=S-1-1-0, id=5015, type=ID_TYPE_GID ((65, "objectclass_attrs: attribute 'gidNumber' on entry 'CN=Everyone,CN=WellKnown Security Principals,CN=Configuration,DC=ar40s3,DC=qa' does not exist in the specified objectclasses!")) Could not add posix attrs for AD entry for sid=S-1-1-0, ((65, "objectclass_attrs: attribute 'gidNumber' on entry 'CN=Everyone,CN=WellKnown Security Principals,CN=Configuration,DC=ar40s3,DC=qa' does not exist in the specified objectclasses!")) Failed to split sid for Null Authority Could not modify AD idmap entry for sid=S-1-0, id=5017, type=ID_TYPE_GID ((32, "Base-DN '' not found")) Could not add posix attrs for AD entry for sid=S-1-0, ((32, "Base-DN '' not found")) Could not modify AD idmap entry for sid=S-1-0-0, id=5018, type=ID_TYPE_GID ((32, "Base-DN '' not found")) Could not add posix attrs for AD entry for sid=S-1-0-0, ((32, "Base-DN '' not found")) Could not modify AD idmap entry for sid=S-1-5-9, id=5019, type=ID_TYPE_GID ((32, "Duplicate base-DN matches found for ''")) Could not add posix attrs for AD entry for sid=S-1-5-9, ((32, "Duplicate base-DN matches found for ''")) Group already exists as foreignSecurityPrincipal sid=S-1-5-14, groupname=Remote Interactive Logon existing_groupname=Remote Interactive Logon, Ignoring. Could not modify AD idmap entry for sid=S-1-5-14, id=5020, type=ID_TYPE_GID ((65, "objectclass_attrs: attribute 'gidNumber' on entry 'CN=Remote Interactive Logon,CN=WellKnown Security Principals,CN=Configuration,DC=ar40s3,DC=qa' does not exist in the specified objectclasses!")) Could not add posix attrs for AD entry for sid=S-1-5-14, ((65, "objectclass_attrs: attribute 'gidNumber' on entry 'CN=Remote Interactive Logon,CN=WellKnown Security Principals,CN=Configuration,DC=ar40s3,DC=qa' does not exist in the specified objectclasses!")) Group already exists as foreignSecurityPrincipal sid=S-1-5-64-14, groupname=SChannel Authentication existing_groupname=SChannel Authentication, Ignoring. Could not modify AD idmap entry for sid=S-1-5-64-14, id=5021, type=ID_TYPE_GID ((65, "objectclass_attrs: attribute 'gidNumber' on entry 'CN=SChannel Authentication,CN=WellKnown Security Principals,CN=Configuration,DC=ar40s3,DC=qa' does not exist in the specified objectclasses!")) Could not add posix attrs for AD entry for sid=S-1-5-64-14, ((65, "objectclass_attrs: attribute 'gidNumber' on entry 'CN=SChannel Authentication,CN=WellKnown Security Principals,CN=Configuration,DC=ar40s3,DC=qa' does not exist in the specified objectclasses!")) Group already exists as foreignSecurityPrincipal sid=S-1-5-64-21, groupname=Digest Authentication existing_groupname=Digest Authentication, Ignoring. Could not modify AD idmap entry for sid=S-1-5-64-21, id=5022, type=ID_TYPE_GID ((65, "objectclass_attrs: attribute 'gidNumber' on entry 'CN=Digest Authentication,CN=WellKnown Security Principals,CN=Configuration,DC=ar40s3,DC=qa' does not exist in the specified objectclasses!")) Could not add posix attrs for AD entry for sid=S-1-5-64-21, ((65, "objectclass_attrs: attribute 'gidNumber' on entry 'CN=Digest Authentication,CN=WellKnown Security Principals,CN=Configuration,DC=ar40s3,DC=qa' does not exist in the specified objectclasses!")) Group already exists as foreignSecurityPrincipal sid=S-1-5-13, groupname=Terminal Server User existing_groupname=Terminal Server User, Ignoring. Could not modify AD idmap entry for sid=S-1-5-13, id=5023, type=ID_TYPE_GID ((65, "objectclass_attrs: attribute 'gidNumber' on entry 'CN=Terminal Server User,CN=WellKnown Security Principals,CN=Configuration,DC=ar40s3,DC=qa' does not exist in the specified objectclasses!")) Could not add posix attrs for AD entry for sid=S-1-5-13, ((65, "objectclass_attrs: attribute 'gidNumber' on entry 'CN=Terminal Server User,CN=WellKnown Security Principals,CN=Configuration,DC=ar40s3,DC=qa' does not exist in the specified objectclasses!")) Group already exists as foreignSecurityPrincipal sid=S-1-5-64-10, groupname=NTLM Authentication existing_groupname=NTLM Authentication, Ignoring. Could not modify AD idmap entry for sid=S-1-5-64-10, id=5024, type=ID_TYPE_GID ((65, "objectclass_attrs: attribute 'gidNumber' on entry 'CN=NTLM Authentication,CN=WellKnown Security Principals,CN=Configuration,DC=ar40s3,DC=qa' does not exist in the specified objectclasses!")) Could not add posix attrs for AD entry for sid=S-1-5-64-10, ((65, "objectclass_attrs: attribute 'gidNumber' on entry 'CN=NTLM Authentication,CN=WellKnown Security Principals,CN=Configuration,DC=ar40s3,DC=qa' does not exist in the specified objectclasses!")) Group already exists as foreignSecurityPrincipal sid=S-1-5-1000, groupname=Other Organization existing_groupname=Other Organization, Ignoring. Could not modify AD idmap entry for sid=S-1-5-1000, id=5025, type=ID_TYPE_GID ((65, "objectclass_attrs: attribute 'gidNumber' on entry 'CN=Other Organization,CN=WellKnown Security Principals,CN=Configuration,DC=ar40s3,DC=qa' does not exist in the specified objectclasses!")) Could not add posix attrs for AD entry for sid=S-1-5-1000, ((65, "objectclass_attrs: attribute 'gidNumber' on entry 'CN=Other Organization,CN=WellKnown Security Principals,CN=Configuration,DC=ar40s3,DC=qa' does not exist in the specified objectclasses!")) Group already exists as foreignSecurityPrincipal sid=S-1-5-15, groupname=This Organization existing_groupname=This Organization, Ignoring. Could not modify AD idmap entry for sid=S-1-5-15, id=5026, type=ID_TYPE_GID ((65, "objectclass_attrs: attribute 'gidNumber' on entry 'CN=This Organization,CN=WellKnown Security Principals,CN=Configuration,DC=ar40s3,DC=qa' does not exist in the specified objectclasses!")) Could not add posix attrs for AD entry for sid=S-1-5-15, ((65, "objectclass_attrs: attribute 'gidNumber' on entry 'CN=This Organization,CN=WellKnown Security Principals,CN=Configuration,DC=ar40s3,DC=qa' does not exist in the specified objectclasses!")) Group already exists as foreignSecurityPrincipal sid=S-1-5-7, groupname=Anonymous Logon existing_groupname=Anonymous Logon, Ignoring. Could not modify AD idmap entry for sid=S-1-5-7, id=5027, type=ID_TYPE_GID ((65, "objectclass_attrs: attribute 'gidNumber' on entry 'CN=Anonymous Logon,CN=WellKnown Security Principals,CN=Configuration,DC=ar40s3,DC=qa' does not exist in the specified objectclasses!")) Could not add posix attrs for AD entry for sid=S-1-5-7, ((65, "objectclass_attrs: attribute 'gidNumber' on entry 'CN=Anonymous Logon,CN=WellKnown Security Principals,CN=Configuration,DC=ar40s3,DC=qa' does not exist in the specified objectclasses!")) Group already exists as foreignSecurityPrincipal sid=S-1-5-20, groupname=Network Service existing_groupname=Network Service, Ignoring. Could not modify AD idmap entry for sid=S-1-5-20, id=5028, type=ID_TYPE_GID ((65, "objectclass_attrs: attribute 'gidNumber' on entry 'CN=Network Service,CN=WellKnown Security Principals,CN=Configuration,DC=ar40s3,DC=qa' does not exist in the specified objectclasses!")) Could not add posix attrs for AD entry for sid=S-1-5-20, ((65, "objectclass_attrs: attribute 'gidNumber' on entry 'CN=Network Service,CN=WellKnown Security Principals,CN=Configuration,DC=ar40s3,DC=qa' does not exist in the specified objectclasses!")) Group already exists as foreignSecurityPrincipal sid=S-1-3-1, groupname=Creator Group existing_groupname=Creator Group, Ignoring. Could not modify AD idmap entry for sid=S-1-3-1, id=5029, type=ID_TYPE_GID ((65, "objectclass_attrs: attribute 'gidNumber' on entry 'CN=Creator Group,CN=WellKnown Security Principals,CN=Configuration,DC=ar40s3,DC=qa' does not exist in the specified objectclasses!")) Could not add posix attrs for AD entry for sid=S-1-3-1, ((65, "objectclass_attrs: attribute 'gidNumber' on entry 'CN=Creator Group,CN=WellKnown Security Principals,CN=Configuration,DC=ar40s3,DC=qa' does not exist in the specified objectclasses!")) Group already exists as foreignSecurityPrincipal sid=S-1-3-0, groupname=Creator Owner existing_groupname=Creator Owner, Ignoring. Could not modify AD idmap entry for sid=S-1-3-0, id=5030, type=ID_TYPE_GID ((65, "objectclass_attrs: attribute 'gidNumber' on entry 'CN=Creator Owner,CN=WellKnown Security Principals,CN=Configuration,DC=ar40s3,DC=qa' does not exist in the specified objectclasses!")) Could not add posix attrs for AD entry for sid=S-1-3-0, ((65, "objectclass_attrs: attribute 'gidNumber' on entry 'CN=Creator Owner,CN=WellKnown Security Principals,CN=Configuration,DC=ar40s3,DC=qa' does not exist in the specified objectclasses!")) Group already exists as foreignSecurityPrincipal sid=S-1-5-19, groupname=Local Service existing_groupname=Local Service, Ignoring. Could not modify AD idmap entry for sid=S-1-5-19, id=5031, type=ID_TYPE_GID ((65, "objectclass_attrs: attribute 'gidNumber' on entry 'CN=Local Service,CN=WellKnown Security Principals,CN=Configuration,DC=ar40s3,DC=qa' does not exist in the specified objectclasses!")) Could not add posix attrs for AD entry for sid=S-1-5-19, ((65, "objectclass_attrs: attribute 'gidNumber' on entry 'CN=Local Service,CN=WellKnown Security Principals,CN=Configuration,DC=ar40s3,DC=qa' does not exist in the specified objectclasses!")) Group already exists as foreignSecurityPrincipal sid=S-1-3-4, groupname=Owner Rights existing_groupname=Owner Rights, Ignoring. Could not modify AD idmap entry for sid=S-1-3-4, id=5032, type=ID_TYPE_GID ((65, "objectclass_attrs: attribute 'gidNumber' on entry 'CN=Owner Rights,CN=WellKnown Security Principals,CN=Configuration,DC=ar40s3,DC=qa' does not exist in the specified objectclasses!")) Could not add posix attrs for AD entry for sid=S-1-3-4, ((65, "objectclass_attrs: attribute 'gidNumber' on entry 'CN=Owner Rights,CN=WellKnown Security Principals,CN=Configuration,DC=ar40s3,DC=qa' does not exist in the specified objectclasses!")) Could not modify AD idmap entry for sid=S-1-5-4, id=5033, type=ID_TYPE_GID ((32, "Duplicate base-DN matches found for ''")) Could not add posix attrs for AD entry for sid=S-1-5-4, ((32, "Duplicate base-DN matches found for ''")) Group already exists as foreignSecurityPrincipal sid=S-1-5-12, groupname=Restricted existing_groupname=Restricted, Ignoring. Could not modify AD idmap entry for sid=S-1-5-12, id=5034, type=ID_TYPE_GID ((65, "objectclass_attrs: attribute 'gidNumber' on entry 'CN=Restricted,CN=WellKnown Security Principals,CN=Configuration,DC=ar40s3,DC=qa' does not exist in the specified objectclasses!")) Could not add posix attrs for AD entry for sid=S-1-5-12, ((65, "objectclass_attrs: attribute 'gidNumber' on entry 'CN=Restricted,CN=WellKnown Security Principals,CN=Configuration,DC=ar40s3,DC=qa' does not exist in the specified objectclasses!")) Group already exists as foreignSecurityPrincipal sid=S-1-5-2, groupname=Network existing_groupname=Network, Ignoring. Could not modify AD idmap entry for sid=S-1-5-2, id=5035, type=ID_TYPE_GID ((65, "objectclass_attrs: attribute 'gidNumber' on entry 'CN=Network,CN=WellKnown Security Principals,CN=Configuration,DC=ar40s3,DC=qa' does not exist in the specified objectclasses!")) Could not add posix attrs for AD entry for sid=S-1-5-2, ((65, "objectclass_attrs: attribute 'gidNumber' on entry 'CN=Network,CN=WellKnown Security Principals,CN=Configuration,DC=ar40s3,DC=qa' does not exist in the specified objectclasses!")) Group already exists as foreignSecurityPrincipal sid=S-1-5-6, groupname=Service existing_groupname=Service, Ignoring. Could not modify AD idmap entry for sid=S-1-5-6, id=5036, type=ID_TYPE_GID ((65, "objectclass_attrs: attribute 'gidNumber' on entry 'CN=Service,CN=WellKnown Security Principals,CN=Configuration,DC=ar40s3,DC=qa' does not exist in the specified objectclasses!")) Could not add posix attrs for AD entry for sid=S-1-5-6, ((65, "objectclass_attrs: attribute 'gidNumber' on entry 'CN=Service,CN=WellKnown Security Principals,CN=Configuration,DC=ar40s3,DC=qa' does not exist in the specified objectclasses!")) Group already exists as foreignSecurityPrincipal sid=S-1-5-1, groupname=Dialup existing_groupname=Dialup, Ignoring. Could not modify AD idmap entry for sid=S-1-5-1, id=5037, type=ID_TYPE_GID ((65, "objectclass_attrs: attribute 'gidNumber' on entry 'CN=Dialup,CN=WellKnown Security Principals,CN=Configuration,DC=ar40s3,DC=qa' does not exist in the specified objectclasses!")) Could not add posix attrs for AD entry for sid=S-1-5-1, ((65, "objectclass_attrs: attribute 'gidNumber' on entry 'CN=Dialup,CN=WellKnown Security Principals,CN=Configuration,DC=ar40s3,DC=qa' does not exist in the specified objectclasses!")) Group already exists as foreignSecurityPrincipal sid=S-1-5-18, groupname=System existing_groupname=System, Ignoring. Could not modify AD idmap entry for sid=S-1-5-18, id=5038, type=ID_TYPE_GID ((65, "objectclass_attrs: attribute 'gidNumber' on entry 'CN=System,CN=WellKnown Security Principals,CN=Configuration,DC=ar40s3,DC=qa' does not exist in the specified objectclasses!")) Could not add posix attrs for AD entry for sid=S-1-5-18, ((65, "objectclass_attrs: attribute 'gidNumber' on entry 'CN=System,CN=WellKnown Security Principals,CN=Configuration,DC=ar40s3,DC=qa' does not exist in the specified objectclasses!")) Group already exists as foreignSecurityPrincipal sid=S-1-5-3, groupname=Batch existing_groupname=Batch, Ignoring. Could not modify AD idmap entry for sid=S-1-5-3, id=5039, type=ID_TYPE_GID ((65, "objectclass_attrs: attribute 'gidNumber' on entry 'CN=Batch,CN=WellKnown Security Principals,CN=Configuration,DC=ar40s3,DC=qa' does not exist in the specified objectclasses!")) Could not add posix attrs for AD entry for sid=S-1-5-3, ((65, "objectclass_attrs: attribute 'gidNumber' on entry 'CN=Batch,CN=WellKnown Security Principals,CN=Configuration,DC=ar40s3,DC=qa' does not exist in the specified objectclasses!")) Group already exists as foreignSecurityPrincipal sid=S-1-5-8, groupname=Proxy existing_groupname=Proxy, Ignoring. Could not modify AD idmap entry for sid=S-1-5-8, id=5040, type=ID_TYPE_GID ((65, "objectclass_attrs: attribute 'gidNumber' on entry 'CN=Proxy,CN=WellKnown Security Principals,CN=Configuration,DC=ar40s3,DC=qa' does not exist in the specified objectclasses!")) Could not add posix attrs for AD entry for sid=S-1-5-8, ((65, "objectclass_attrs: attribute 'gidNumber' on entry 'CN=Proxy,CN=WellKnown Security Principals,CN=Configuration,DC=ar40s3,DC=qa' does not exist in the specified objectclasses!")) Could not modify AD idmap entry for sid=S-1-5-17, id=5041, type=ID_TYPE_GID ((32, "Duplicate base-DN matches found for ''")) Could not add posix attrs for AD entry for sid=S-1-5-17, ((32, "Duplicate base-DN matches found for ''")) Group already exists as foreignSecurityPrincipal sid=S-1-5-10, groupname=Self existing_groupname=Self, Ignoring. Could not modify AD idmap entry for sid=S-1-5-10, id=5042, type=ID_TYPE_GID ((65, "objectclass_attrs: attribute 'gidNumber' on entry 'CN=Self,CN=WellKnown Security Principals,CN=Configuration,DC=ar40s3,DC=qa' does not exist in the specified objectclasses!")) Could not add posix attrs for AD entry for sid=S-1-5-10, ((65, "objectclass_attrs: attribute 'gidNumber' on entry 'CN=Self,CN=WellKnown Security Principals,CN=Configuration,DC=ar40s3,DC=qa' does not exist in the specified objectclasses!")) Committing 'add groups' transaction to disk Adding users Importing users Committing 'add users' transaction to disk Adding users to groups ERROR(): uncaught exception - ProvisioningError: Could not add member 'S-1-5-21-767740196-1201359957-1645096316-5010' to group 'S-1-5-21-767740196-1201359957-1645096316-11012' as either group or user record doesn't exist: Unable to find GUID for DN File "/usr/lib/python2.7/dist-packages/samba/netcmd/__init__.py", line 175, in _run return self.run(*args, **kwargs) File "/usr/lib/python2.7/dist-packages/samba/netcmd/domain.py", line 1463, in run useeadb=eadb, dns_backend=dns_backend, use_ntvfs=use_ntvfs, no_upn=no_upn) File "/usr/lib/python2.7/dist-packages/samba/upgrade.py", line 886, in upgrade_from_samba3 add_users_to_group(result.samdb, g, groupmembers[str(g.sid)], logger) File "/usr/lib/python2.7/dist-packages/samba/upgrade.py", line 354, in add_users_to_group raise ProvisioningError("Could not add member '%s' to group '%s' as either group or user record doesn't exist: %s" % (member_sid, group.sid, emsg)) Importing group: Domain Admins Importing group: Domain Users Importing group: Domain Guests Importing group: Windows Hosts Importing group: DC Backup Hosts Importing group: DC Slave Hosts Importing group: Computers Importing group: Printer-Admins Importing group: Backup Join Importing group: Slave Join Importing group: group1 Importing group: group2 Importing group: group3 Importing group: Authenticated Users Importing group: World Authority Importing group: Everyone Importing group: Null Authority Importing group: Nobody Importing group: Enterprise Domain Controllers Importing group: Remote Interactive Logon Importing group: SChannel Authentication Importing group: Digest Authentication Importing group: Terminal Server User Importing group: NTLM Authentication Importing group: Other Organization Importing group: This Organization Importing group: Anonymous Logon Importing group: Network Service Importing group: Creator Group Importing group: Creator Owner Importing group: Local Service Importing group: Owner Rights Importing group: Interactive Importing group: Restricted Importing group: Network Importing group: Service Importing group: Dialup Importing group: System Importing group: Batch Importing group: Proxy Importing group: IUSR Importing group: Self Importing user: join-slave Importing user: user2 Importing user: user3 Importing user: user1 Importing user: win7pro231$ Importing user: join-backup Importing user: member83$ WARNING: No path in service IPC$ - making it unavailable! NOTE: Service IPC$ is flagged unavailable. Modified 1 records successfully WARNING: No path in service IPC$ - making it unavailable! NOTE: Service IPC$ is flagged unavailable. Changed password OK WARNING: No path in service IPC$ - making it unavailable! NOTE: Service IPC$ is flagged unavailable. Changed password OK cp: Aufruf von stat für „/var/lib/samba/private/phpldapadmin-config.php“ nicht möglich: Datei oder Verzeichnis nicht gefunden Setting slapd/port File: /etc/init.d/slapd Multifile: /etc/ldap/slapd.conf Setting slapd/port/ldaps File: /etc/init.d/slapd Multifile: /etc/ldap/slapd.conf Setting ldap/server/port Multifile: /etc/postfix/ldap.distlist Multifile: /etc/postfix/ldap.groups Multifile: /etc/postfix/ldap.sharedfolderlocal File: /etc/pam.d/smtp Multifile: /etc/postfix/ldap.virtualwithcanonical File: /etc/pam_ldap.conf Multifile: /etc/postfix/ldap.sharedfolderremote File: /etc/runit/univention-directory-listener/run Multifile: /etc/postfix/ldap.virtual Multifile: /etc/postfix/ldap.canonicalrecipient Multifile: /etc/postfix/ldap.transport File: /etc/libnss-ldap.conf Multifile: /etc/postfix/ldap.canonicalsender File: /etc/ldap/ldap.conf Multifile: /etc/postfix/ldap.virtualdomains Setting ldap/master/port File: /etc/ntp.conf Multifile: /etc/ldap/slapd.conf File: /etc/default/ntpdate File: /etc/nagios/nrpe.cfg Restarting ldap server(s). Stopping ldap server(s): slapd ...done. Starting ldap server(s): slapd ...done. Checking Schema ID: ...done. Restarting univention-directory-listener daemon. ok: run: univention-directory-listener: (pid 14279) 0s, normally down done. Restarting Univention Management Console Server. done. Create windows/wins-support Not updating windows/wins-server Multifile: /etc/samba/smb.conf WARNING: No path in service IPC$ - making it unavailable! NOTE: Service IPC$ is flagged unavailable. Modified 1 records successfully WARNING: No path in service IPC$ - making it unavailable! NOTE: Service IPC$ is flagged unavailable. Modified 1 records successfully WARNING: No path in service IPC$ - making it unavailable! NOTE: Service IPC$ is flagged unavailable. WARNING: No path in service IPC$ - making it unavailable! NOTE: Service IPC$ is flagged unavailable. WARNING: No path in service IPC$ - making it unavailable! NOTE: Service IPC$ is flagged unavailable. WARNING: No path in service IPC$ - making it unavailable! NOTE: Service IPC$ is flagged unavailable. Adding CNAME record "aba6a36c-1569-44d2-8b25-c667c4494495._msdcs master80.ar40s3.qa." to zone ar40s3.qa... done Adding SRV record "ldap tcp 0 100 389 master80.ar40s3.qa." to zone ar40s3.qa... done Adding SRV record "ldap._tcp.dc msdcs 0 100 389 master80.ar40s3.qa." to zone ar40s3.qa... done Adding SRV record "ldap._tcp.f25f8cba-6cfd-4cb8-b33c-d66f1b2a9d37.domains msdcs 0 100 389 master80.ar40s3.qa." to zone ar40s3.qa... done No record found Adding SRV record "kerberos tcp 0 100 88 master80.ar40s3.qa." to zone ar40s3.qa... done Adding SRV record "kerberos udp 0 100 88 master80.ar40s3.qa." to zone ar40s3.qa... done Adding SRV record "kerberos._tcp.dc msdcs 0 100 88 master80.ar40s3.qa." to zone ar40s3.qa... done Adding SRV record "kpasswd tcp 0 100 464 master80.ar40s3.qa." to zone ar40s3.qa... done Adding SRV record "kpasswd udp 0 100 464 master80.ar40s3.qa." to zone ar40s3.qa... done Adding SRV record "ldap._tcp.Default-First-Site-Name sites 0 100 389 master80.ar40s3.qa." to zone ar40s3.qa... done Adding SRV record "ldap._tcp.Default-First-Site-Name._sites.dc msdcs 0 100 389 master80.ar40s3.qa." to zone ar40s3.qa... done Adding SRV record "kerberos._tcp.Default-First-Site-Name sites 0 100 88 master80.ar40s3.qa." to zone ar40s3.qa... done Adding SRV record "kerberos._tcp.Default-First-Site-Name._sites.dc msdcs 0 100 88 master80.ar40s3.qa." to zone ar40s3.qa... done Adding TXT record "_kerberos AR40S3.QA" to zone ar40s3.qa... done Adding A record "gc._msdcs 10.200.8.80" to zone ar40s3.qa... done Adding SRV record "gc tcp 0 100 3268 master80.ar40s3.qa." to zone ar40s3.qa... done Adding SRV record "ldap._tcp.gc msdcs 0 100 3268 master80.ar40s3.qa." to zone ar40s3.qa... done Adding SRV record "gc._tcp.Default-First-Site-Name sites 0 100 3268 master80.ar40s3.qa." to zone ar40s3.qa... done Adding SRV record "ldap._tcp.Default-First-Site-Name._sites.gc msdcs 0 100 3268 master80.ar40s3.qa." to zone ar40s3.qa... done Adding SRV record "ldap._tcp.pdc msdcs 0 100 389 master80.ar40s3.qa." to zone ar40s3.qa... done backup81.ar40s3.qa port 88 is not offering the Service 'Samba 4' Object modified: relativeDomainName=_kerberos._tcp,zoneName=ar40s3.qa,cn=dns,dc=ar40s3,dc=qa slave82.ar40s3.qa port 88 is not offering the Service 'Samba 4' Object modified: relativeDomainName=_kerberos._tcp,zoneName=ar40s3.qa,cn=dns,dc=ar40s3,dc=qa backup81.ar40s3.qa port 88 is not offering the Service 'Samba 4' Object modified: relativeDomainName=_kerberos._udp,zoneName=ar40s3.qa,cn=dns,dc=ar40s3,dc=qa slave82.ar40s3.qa port 88 is not offering the Service 'Samba 4' Object modified: relativeDomainName=_kerberos._udp,zoneName=ar40s3.qa,cn=dns,dc=ar40s3,dc=qa backup81.ar40s3.qa port 7389 is not offering the Service 'Samba 4' Object modified: relativeDomainName=_ldap._tcp,zoneName=ar40s3.qa,cn=dns,dc=ar40s3,dc=qa slave82.ar40s3.qa port 7389 is not offering the Service 'Samba 4' Object modified: relativeDomainName=_ldap._tcp,zoneName=ar40s3.qa,cn=dns,dc=ar40s3,dc=qa WARNING: No path in service IPC$ - making it unavailable! NOTE: Service IPC$ is flagged unavailable. Modified 1 records successfully [ ok ] Starting NetBIOS name server: nmbd. Samba is configured as AD DC, service smbd is controlled by the main samba daemon. [ ok ] Starting Samba AD DC daemon: samba. Create samba4/sysvol/sync/cron File: /etc/cron.d/sysvol-sync Multifile: /etc/samba/smb.conf Object modified: zoneName=ar40s3.qa,cn=dns,dc=ar40s3,dc=qa WARNING: No path in service IPC$ - making it unavailable! NOTE: Service IPC$ is flagged unavailable. Modified 1 records successfully /etc/krb5.keytab is already registered in samba4. Object exists: cn=master80.ar40s3.qa,cn=shares,dc=ar40s3,dc=qa No modification: cn=master80.ar40s3.qa,cn=shares,dc=ar40s3,dc=qa [ ok ] Stopping NetBIOS name server: nmbd. [ ok ] Starting NetBIOS name server: nmbd. Samba is configured as AD DC, service smbd is controlled by the main samba daemon. [ ok ] Stopping Samba AD DC daemon: samba. [ ok ] Starting Samba AD DC daemon: samba. WARNING: Failed to search for S4 connector DC Object exists: cn=services,cn=univention,dc=ar40s3,dc=qa Object created: cn=Samba 4,cn=services,cn=univention,dc=ar40s3,dc=qa Object modified: cn=master80,cn=dc,cn=computers,dc=ar40s3,dc=qa Joinscript 96univention-samba4.inst finished with exitcode 0 Trigger für univention-config werden verarbeitet ... dpkg-query: Kein Paket gefunden, das auf ldapacl_66univention-appcenter_app.acl passt univention-s4-connector (9.0.16-1.526.201411031309) wird eingerichtet ... W: failed to convert the username messagebus to the uid File: /etc/logrotate.d/univention-s4-connector Create connector/s4/listener/dir Create connector/s4/poll/sleep Create connector/s4/retryrejected Create connector/s4/ldap/port Create connector/s4/ldap/ssl Create connector/debug/function Create connector/debug/level Create connector/ad/mapping/group/language Create connector/s4/mapping/syncmode Create connector/s4/mapping/sid Create connector/s4/mapping/gpo Create connector/s4/mapping/user/ignorelist Not updating connector/s4/mapping/group/grouptype Create connector/s4/mapping/group/ignorelist Create connector/s4/mapping/group/table/Printer-Admins Create connector/s4/mapping/container/ignorelist Create connector/s4/mapping/dns/ignorelist [info] Restarting univention-directory-listener daemon. ok: run: univention-directory-listener: (pid 15281) 0s, normally down done. Calling joinscript 97univention-s4-connector.inst ... Create connector/s4/ldap/host Create connector/s4/ldap/base Not updating connector/s4/ldap/ssl Create connector/s4/mapping/group/language Create connector/s4/ldap/protocol Create connector/s4/ldap/socket Object created: cn=gPLink,cn=custom attributes,cn=univention,dc=ar40s3,dc=qa Object exists: cn=Builtin,dc=ar40s3,dc=qa Object created: cn=System,dc=ar40s3,dc=qa Object created: cn=Policies,cn=System,dc=ar40s3,dc=qa Object created: ou=Domain Controllers,dc=ar40s3,dc=qa Object created: cn=WMIPolicy,cn=System,dc=ar40s3,dc=qa Object created: cn=SOM,cn=WMIPolicy,cn=System,dc=ar40s3,dc=qa Object exists: cn=ldapschema,cn=univention,dc=ar40s3,dc=qa Object created: cn=msgpo,cn=ldapschema,cn=univention,dc=ar40s3,dc=qa Object created: cn=mswmi,cn=ldapschema,cn=univention,dc=ar40s3,dc=qa Object exists: cn=udm_module,cn=univention,dc=ar40s3,dc=qa Object created: cn=container/msgpo,cn=udm_module,cn=univention,dc=ar40s3,dc=qa Waiting for activation of the extension object msgpo:........OK Waiting for activation of the extension object mswmi: OK Waiting for activation of the extension object container/msgpo: OK Waiting for file /usr/share/pyshared/univention/admin/handlers/container/msgpo.py: OK Terminating running univention-cli-server processes. Object exists: cn=udm_module,cn=univention,dc=ar40s3,dc=qa Object created: cn=settings/mswmifilter,cn=udm_module,cn=univention,dc=ar40s3,dc=qa Waiting for activation of the extension object settings/mswmifilter: OK Waiting for file /usr/share/pyshared/univention/admin/handlers/settings/mswmifilter.py: OK Terminating running univention-cli-server processes. Object exists: cn=services,cn=univention,dc=ar40s3,dc=qa Object created: cn=S4 Connector,cn=services,cn=univention,dc=ar40s3,dc=qa Object modified: cn=master80,cn=dc,cn=computers,dc=ar40s3,dc=qa Create connector/s4/autostart Setting connector/s4/poll/sleep Setting connector/s4/retryrejected [info] Stopping univention-s4-connector daemon. failed. Set msGPOLink for UCS object (dc=ar40s3,dc=qa) Set msGPOLink for UCS object (ou=domain controllers,dc=ar40s3,dc=qa) [info] Stopping univention-s4-connector daemon. failed. [info] Starting univention-s4-connector daemon. done. Setting dns/backend [info] Restarting bind9 daemon: . done. Wait for bind9: done Setting connector/s4/poll/sleep Setting connector/s4/retryrejected [info] Stopping univention-s4-connector daemon. done. [info] Starting univention-s4-connector daemon. done. Joinscript 97univention-s4-connector.inst finished with exitcode 0 [info] Stopping univention-s4-connector daemon. done. [info] Starting univention-s4-connector daemon. done. Trigger für python-support werden verarbeitet ... Trigger für univention-config werden verarbeitet ... dpkg-query: Kein Paket gefunden, das auf ldapacl_66univention-appcenter_app.acl passt