Bug 43785 – AD Takeover fails if AD NETBIOS domain name is unusual

Bug 43785 - AD Takeover fails if AD NETBIOS domain name is unusual


Summary:	AD Takeover fails if AD NETBIOS domain name is unusual

Status:	RESOLVED WONTFIX

Product:	UCS
Classification:	Unclassified
Component:	AD Takeover
Version:	UCS 4.1
Hardware:	Other Linux

Importance:	P5 normal (vote)
Target Milestone:	---
Assigned To:	Samba maintainers
QA Contact:	Samba maintainers

URL:
Keywords:

Depends on:	39070
Blocks:	50714 47630
	Show dependency tree / graph

Reported:	2017-03-10 12:52 CET by Nico Stöckigt
Modified:	2020-01-14 09:34 CET (History)
CC List:	8 users (show)

See Also:
What kind of report is it?:	Bug Report
What type of bug is this?:	6: Setup Problem: Issue for the setup process
Who will be affected by this bug?:	1: Will affect a very few installed domains
How will those affected feel about the bug?:	2: A Pain – users won’t like this once they notice it
User Pain:	0.069
Enterprise Customer affected?:	Yes
School Customer affected?:
ISV affected?:
Waiting Support:
Flags outvoted (downgraded) after PO Review:
Ticket number:	2017030621000252
Bug group (optional):	External feedback
Max CVSS v3 score:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Nico Stöckigt

2017-03-10 12:52:59 CET

+++ This bug was initially created as a clone of Bug #39070 +++

Same situation as in Bug #37460: AD Takeover fails if AD NETBIOS domain name is unusual:

UCS DC set up with 

 NETBIOS domain: FOOBAR
 DNS domainname: FooBar.com

AD DC set up with

 NETBIOS domain: FOOBAR0
 DNS domainname: FooBar.com

In AD Takeover we have the additional challenge that AD Takeover method post_join_tasks_and_start_samba_without_drsuapi looks for the samba domain object in LDAP, so the workaround of Bug #37460, to manually set windows/domain to "FOOBAR0" doesn't work here.



+++ This bug was initially created as a clone of Bug #37460 +++

Comment 1 Nico Stöckigt

2017-03-10 12:53:20 CET

I actually had this in a customer environment with UCS 4.1-4 errata406.

The Netbios-Domain differed from the AD-Domain (first part).
After changing
 - ucr set windows/domain="OTHER"
 - udm settings/sambadomain modify --dn "sambaDomainName=WRONG,cn=samba,dc=domain,dc=tld" --set "name=OTHER"
everything works fine...

Comment 2 Arvid Requate

2018-08-22 20:29:22 CEST

I think we can ask the AD-DC for his netbios domain, e.g. this seems to work also with foreign domains:

samba-tool domain info <IP of AD-DC>

Comment 3 Stefan Gohmann

2019-01-03 07:19:37 CET

This issue has been filled against UCS 4.1. The maintenance with bug and security fixes for UCS 4.1 has ended on 5st of April 2018.

Customers still on UCS 4.1 are encouraged to update to UCS 4.3. Please contact
your partner or Univention for any questions.

If this issue still occurs in newer UCS versions, please use "Clone this bug" or simply reopen the issue. In this case please provide detailed information on how this issue is affecting you.