Samba provisioning failes at upgrade from v6 to v7

NethServer Version: 7.4-1708
Module: NSDC

Hi guys, first of all I want to apologize for beeing absent since some time, but real life and personal issues are shaking me this days. But I’m still working with and on Nethserver and I promise to come back!

My Probem:

I want to upgrade an existing NS6 to NS7 via rsync-method.
During upgrade to active directory the task stop at 50% with “activate services” .
journalctl -M nsdc shows the following:

If I read this correctly, this setup has a user and a group with the same name and that’s the problem.

How can I delete the specific group before provisioning? On the source machine I cant find this group.
Did I do the mistake as I choosed the domain “jeckel.local” and a user called “jeckel”?

Can anyone please help me?

TIA Ralf

What’s about deleting the user at the old server? I think at the new one you can create it again.

I did a roll back by now and had a look at the ladp. All users are in ou=Groups and all groups are in ou=People. So it’s vize versa. In this case I had to delete all users on my old machine…

I will try to delete the groups in ldap before provisioning the dc.

But how comes that? Any hint for me @davidep ?


I’m getting nuts. :face_with_raised_eyebrow:

I can do a ldapsearch with credentials from account-provider-test dump but no ldapdelete:
insufficient access (50) / no write access to parent.


Sometime I’m blind to the easy way. It’s possible within the GUI. Sorry for bothering you all.

Now the provisioning of the DC worked!!


This is typical in Linux systems, where each user has a “private” primary group named after him… i.e. user jeckel has group jeckel. But the upgrade script already takes this into account, at least for users in LDAP of ns6.

Hi Davide, thanks for explaning, but

didn’t work in this case. The provisioning failed, because there was user jeckel and group jeckel from ns6. Only after I deleted the groups manually in the GUI, the upgrade to DC worked.

I have some snapshots, so if you can give me some advice to investigate what happend here, I’m happy to do.

This is not possible for primary groups. I guess your setup has some customization? Is it an user/group created from the command line or by some other means?

Yes, there are some users created from commandline. But I don’t know all. This setup is several years old. I tried some installations on it like virtualbox and some others not from softwarecenter.

Is this the reason??