ahhh, I see.
NS7-AD:
dig +short A nsdc-daho-d5dbc.ad.home.dargels.de
192.168.3.11
I cannot see the Information on the NS8 side
Maybe I should restart of the migration from the PVE-backups again and check the DNS-Resolution of the account provider for the leader node.
Ok, so I didn’t fall into the trap alone, it’s comforting when it happens even to you
The Trap is not the AD, but that NS7 say’s it’s connected, but NS8 is still virgin, no AD, no connection…
See here:
For a new attempt, I can provide a migration-tool with many fixes! Do you want to try it?
yes,
Hi @Andy_Wismer , after restoring the ns8-Vm I see, that I dindn’t create an account provider before.
I took the advice in the migration guide …a new server containing a freshly installed NethServer 8 cluster literally and started with a quasi virgin installation.
It was not specified to create an AD.
To install the testing package
yum install http://packages.nethserver.org/nethserver/7.9.2009/autobuild/x86_64/Packages/nethserver-ns8-migration-1.0.4-1.26.pr48.ge53d60d.ns7.x86_64.rpm
The RPM comes from this PR: Migration tool fixes and enhancements by DavidePrincipi · Pull Request #48 · NethServer/nethserver-ns8-migration · GitHub
To avoid this problem
mkdir -pv /var/lib/nethserver/ibay/fake
O.K. I will make my next attempt, but I need more detailed information about the preparation on the leader node.
This is a draft of the migration page documentation: NethServer 7 migration — NS8 documentation
It has been updated with more details about AD.
No, the cluster must be new.
It depends on what you are migrating. DNS is not a requirement for the migration procedure, you can adjust it later.
next attempt:
Multiple sync with
Try to finish migration with selcted IP-Adress 192.168.3.21:
echo ‘{“app”:“account-provider”,“action”:“finish”,“migrationConfig”:{“sambaIpAddress”:“192.168.3.21”}}’ | /usr/bin/setsid /usr/bin/sudo /usr/libexec/nethserver/api/nethserver-ns8-migration/migration/update | jq
Search
<f..t...... private/sam.ldb.d/DC=FORESTDNSZONES,DC=AD,DC=HOME,DC=DARGELS,DC=DE.ldb.export
<f..t...... private/sam.ldb.d/metadata.tdb.export
.d..t...... private/smbd.tmp/
<f..t...... private/smbd.tmp/bad_password.tdb.export
<f..T...... accounts.json
<f..T...... nbalias.txt
----------- finish account-provider Thu, 30 Nov 2023 10:05:35 +0100
<f..T...... import.env
.d..t...... ./
skipping non-regular file "ntp_signd/socket"
skipping non-regular file "private/ldapi"
skipping non-regular file "private/ldap_priv/ldapi"
skipping non-regular file "private/msg.sock/26"
skipping non-regular file "private/msg.sock/29"
skipping non-regular file "private/msg.sock/31"
skipping non-regular file "private/msg.sock/32"
skipping non-regular file "private/msg.sock/33"
skipping non-regular file "private/msg.sock/35"
skipping non-regular file "private/msg.sock/38"
skipping non-regular file "private/msg.sock/39"
skipping non-regular file "private/msg.sock/42"
skipping non-regular file "private/msg.sock/43"
skipping non-regular file "private/msg.sock/44"
skipping non-regular file "private/msg.sock/45"
skipping non-regular file "private/msg.sock/46"
skipping non-regular file "private/msg.sock/47"
skipping non-regular file "private/msg.sock/48"
skipping non-regular file "private/msg.sock/49"
skipping non-regular file "private/msg.sock/50"
skipping non-regular file "private/msg.sock/51"
skipping non-regular file "private/msg.sock/52"
skipping non-regular file "private/msg.sock/53"
skipping non-regular file "private/msg.sock/54"
skipping non-regular file "private/msg.sock/55"
skipping non-regular file "private/msg.sock/56"
skipping non-regular file "private/msg.sock/57"
skipping non-regular file "private/msg.sock/58"
skipping non-regular file "private/msg.sock/59"
skipping non-regular file "private/msg.sock/61"
skipping non-regular file "private/msg.sock/62"
skipping non-regular file "private/msg.sock/63"
skipping non-regular file "private/msg.sock/64"
skipping non-regular file "private/msg.sock/65"
skipping non-regular file "private/msg.sock/67"
skipping non-regular file "private/msg.sock/68"
skipping non-regular file "private/msg.sock/70"
skipping non-regular file "private/msg.sock/71"
skipping non-regular file "private/msg.sock/72"
skipping non-regular file "private/msg.sock/73"
skipping non-regular file "private/msg.sock/74"
skipping non-regular file "private/msg.sock/77"
skipping non-regular file "private/msg.sock/80"
skipping non-regular file "private/msg.sock/81"
skipping non-regular file "private/msg.sock/82"
skipping non-regular file "private/msg.sock/83"
skipping non-regular file "private/msg.sock/84"
skipping non-regular file "private/msg.sock/85"
skipping non-regular file "private/msg.sock/86"
skipping non-regular file "private/msg.sock/88"
skipping non-regular file "private/msg.sock/90"
skipping non-regular file "private/msg.sock/91"
skipping non-regular file "private/msg.sock/92"
<f..t...... account_policy.tdb.export
<f..t...... registry.tdb.export
<f..t...... share_info.tdb.export
<f..t...... winbindd_cache.tdb.export
.d..t...... private/
<f..t...... private/hklm.ldb.export
<f..t...... private/idmap.ldb.export
<f..t...... private/privilege.ldb.export
<f..t...... private/sam.ldb.export
<f..t...... private/schannel_store.tdb.export
<f..t...... private/secrets.ldb.export
<f..t...... private/secrets.tdb.export
<f..t...... private/share.ldb.export
.d..t...... private/msg.sock/
.d..t...... private/sam.ldb.d/
<f..t...... private/sam.ldb.d/CN=CONFIGURATION,DC=AD,DC=HOME,DC=DARGELS,DC=DE.ldb.export
<f..t...... private/sam.ldb.d/CN=SCHEMA,CN=CONFIGURATION,DC=AD,DC=HOME,DC=DARGELS,DC=DE.ldb.export
<f..t...... private/sam.ldb.d/DC=AD,DC=HOME,DC=DARGELS,DC=DE.ldb.export
<f..t...... private/sam.ldb.d/DC=DOMAINDNSZONES,DC=AD,DC=HOME,DC=DARGELS,DC=DE.ldb.export
skipping non-regular file "winbindd_privileged/pipe"
<f..t...... private/sam.ldb.d/DC=FORESTDNSZONES,DC=AD,DC=HOME,DC=DARGELS,DC=DE.ldb.export
<f..t...... private/sam.ldb.d/metadata.tdb.export
.d..t...... private/smbd.tmp/
<f..t...... private/smbd.tmp/bad_password.tdb.export
<f..T...... accounts.json
<f..T...... nbalias.txt
""receiving file list ... done
dr-xr-xr-x 4,096 2023/09/28 13:18:46 .
sent 20 bytes received 30 bytes 100.00 bytes/sec
total size is 0 speedup is 0.00
.d....og... admin/
.f....og... admin/.bash_logout
.f....og... admin/.bash_profile
.f....og... admin/.bashrc
.f....og... admin/.rnd
.d..t...... ./
Failed to execute operation: No such file or directory
In the meanwhile, I checked the leader node:
The account provider is created, but not finished
Hi @capote
If you want an AD on your LAN, there is only one IP to choose from…
If you only need it for Apps on your Cluster, you can choose the VPN IP, in my opinion not a valid choice for you or me…
My 2 cents
Andy
I’ve chosen the leader node IP 192.168.3.21
in the samba1-log (NS8) found
2023-11-30T10:06:15+01:00 [1:samba1:samba-dc] dnsupdate_nameupdate_done: Failed DNS update with exit code 15
2023-11-30T10:06:16+01:00 [1:samba1:agent@samba1] IPs: ['192.168.3.21']
2023-11-30T10:06:16+01:00 [1:samba1:agent@samba1] need cache add: A nsdc-daho-d5dbc.ad.home.dargels.de 192.168.3.21
2023-11-30T10:06:16+01:00 [1:samba1:agent@samba1] Looking for DNS entry A nsdc-daho-d5dbc.ad.home.dargels.de 192.168.3.21 as nsdc-daho-d5dbc.ad.home.dargels.de.
2023-11-30T10:06:16+01:00 [1:samba1:agent@samba1] Lookup of nsdc-daho-d5dbc.ad.home.dargels.de. succeeded, but we failed to find a matching DNS entry for A nsdc-daho-d5dbc.ad.home.dargels.de 192.168.3.21
2023-11-30T10:06:16+01:00 [1:samba1:agent@samba1] Looking for DNS entry NS ad.home.dargels.de nsdc-daho-d5dbc.ad.home.dargels.de as ad.home.dargels.de.
2023-11-30T10:06:16+01:00 [1:samba1:agent@samba1] Looking for DNS entry NS _msdcs.ad.home.dargels.de nsdc-daho-d5dbc.ad.home.dargels.de as _msdcs.ad.home.dargels.de.
2023-11-30T10:06:16+01:00 [1:samba1:agent@samba1] Checking 0 100 389 nsdc-daho-d5dbc.ad.home.dargels.de. against SRV _ldap._tcp.6f913eda-988b-4c01-85db-b1831fe014ef.domains._msdcs.ad.home.dargels.de nsdc-daho-d5dbc.ad.home.dargels.de 389
2023-11-30T10:06:16+01:00 [1:samba1:agent@samba1] Looking for DNS entry SRV _kerberos._udp.ad.home.dargels.de nsdc-daho-d5dbc.ad.home.dargels.de 88 as _kerberos._udp.ad.home.dargels.de.
2023-11-30T10:06:16+01:00 [1:samba1:agent@samba1] Looking for DNS entry A ad.home.dargels.de 192.168.3.21 as ad.home.dargels.de.
2023-11-30T10:06:16+01:00 [1:samba1:agent@samba1] need update: A nsdc-daho-d5dbc.ad.home.dargels.de 192.168.3.21
2023-11-30T10:06:16+01:00 [1:samba1:agent@samba1] Looking for DNS entry SRV _kerberos._tcp.ad.home.dargels.de nsdc-daho-d5dbc.ad.home.dargels.de 88 as _kerberos._tcp.ad.home.dargels.de.
2023-11-30T10:06:16+01:00 [1:samba1:agent@samba1] Checking 0 100 389 nsdc-daho-d5dbc.ad.home.dargels.de. against SRV _ldap._tcp.ad.home.dargels.de nsdc-daho-d5dbc.ad.home.dargels.de 389
2023-11-30T10:06:16+01:00 [1:samba1:agent@samba1] Checking 0 100 389 nsdc-daho-d5dbc.ad.home.dargels.de. against SRV _ldap._tcp.dc._msdcs.ad.home.dargels.de nsdc-daho-d5dbc.ad.home.dargels.de 389
2023-11-30T10:06:16+01:00 [1:samba1:agent@samba1] Looking for DNS entry SRV _ldap._tcp.ad.home.dargels.de nsdc-daho-d5dbc.ad.home.dargels.de 389 as _ldap._tcp.ad.home.dargels.de.
2023-11-30T10:06:16+01:00 [1:samba1:agent@samba1] Looking for DNS entry SRV _ldap._tcp.dc._msdcs.ad.home.dargels.de nsdc-daho-d5dbc.ad.home.dargels.de 389 as _ldap._tcp.dc._msdcs.ad.home.dargels.de.
2023-11-30T10:06:16+01:00 [1:samba1:agent@samba1] Lookup of ad.home.dargels.de. succeeded, but we failed to find a matching DNS entry for A ad.home.dargels.de 192.168.3.21
Checking 0 100 3268 nsdc-daho-d5dbc.ad.home.dargels.de. against SRV _ldap._tcp.Default-First-Site-Name._sites.gc._msdcs.ad.home.dargels.de nsdc-daho-d5dbc.ad.home.dargels.de 3268
2023-11-30T10:06:16+01:00 [1:samba1:agent@samba1] Lookup of DomainDnsZones.ad.home.dargels.de. succeeded, but we failed to find a matching DNS entry for A DomainDnsZones.ad.home.dargels.de 192.168.3.21
2023-11-30T10:06:16+01:00 [1:samba1:agent@samba1] ;; flags:; ZONE: 0, PREREQ: 0, UPDATE: 0, ADDITIONAL: 0
2023-11-30T10:06:16+01:00 [1:samba1:agent@samba1] ;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id: 0
2023-11-30T10:06:16+01:00 [1:samba1:agent@samba1] Outgoing update query:
2023-11-30T10:06:16+01:00 [1:samba1:agent@samba1] ;; UPDATE SECTION:
2023-11-30T10:06:16+01:00 [1:samba1:agent@samba1] nsdc-daho-d5dbc.ad.home.dargels.de. 0 NONE A 192.168.3.11
2023-11-30T10:06:16+01:00 [1:samba1:agent@samba1] ; TSIG error with server: tsig verify failure
2023-11-30T10:06:16+01:00 [1:samba1:agent@samba1] nsdc-daho-d5dbc.ad.home.dargels.de. 0 NONE AAAA fd09:2045:6f49:4381:dc1a:adff:feb8:4342
2023-11-30T10:06:16+01:00 [1:samba1:agent@samba1] Outgoing update query:
2023-11-30T10:06:16+01:00 [1:samba1:agent@samba1] ;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id: 0
2023-11-30T10:06:16+01:00 [1:samba1:agent@samba1] ;; flags:; ZONE: 0, PREREQ: 0, UPDATE: 0, ADDITIONAL: 0
2023-11-30T10:06:16+01:00 [1:samba1:agent@samba1] ;; UPDATE SECTION:
2023-11-30T10:06:16+01:00 [1:samba1:agent@samba1] ; TSIG error with server: tsig verify failure
2023-11-30T10:06:16+01:00 [1:samba1:agent@samba1] ad.home.dargels.de. 0 NONE A 192.168.3.11
2023-11-30T10:06:16+01:00 [1:samba1:agent@samba1] ;; flags:; ZONE: 0, PREREQ: 0, UPDATE: 0, ADDITIONAL: 0
2023-11-30T10:06:16+01:00 [1:samba1:agent@samba1] ;; UPDATE SECTION:
2023-11-30T10:06:16+01:00 [1:samba1:agent@samba1] ;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id: 0
2023-11-30T10:06:16+01:00 [1:samba1:agent@samba1] Outgoing update query:
2023-11-30T10:06:16+01:00 [1:samba1:agent@samba1] ; TSIG error with server: tsig verify failure
2023-11-30T10:06:16+01:00 [1:samba1:agent@samba1] ;; flags:; ZONE: 0, PREREQ: 0, UPDATE: 0, ADDITIONAL: 0
2023-11-30T10:06:16+01:00 [1:samba1:agent@samba1] Outgoing update query:
2023-11-30T10:06:16+01:00 [1:samba1:agent@samba1] ;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id: 0
2023-11-30T10:06:16+01:00 [1:samba1:agent@samba1] ;; UPDATE SECTION:
2023-11-30T10:06:16+01:00 [1:samba1:agent@samba1] ad.home.dargels.de. 0 NONE AAAA fd09:2045:6f49:4381:dc1a:adff:feb8:4342
2023-11-30T10:06:16+01:00 [1:samba1:agent@samba1] ; TSIG error with server: tsig verify failure
2023-11-30T10:06:17+01:00 [1:samba1:agent@samba1] Outgoing update query:
2023-11-30T10:06:17+01:00 [1:samba1:agent@samba1] ;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id: 0
2023-11-30T10:06:17+01:00 [1:samba1:agent@samba1] gc._msdcs.ad.home.dargels.de. 0 NONE A 192.168.3.11
2023-11-30T10:06:17+01:00 [1:samba1:agent@samba1] ;; flags:; ZONE: 0, PREREQ: 0, UPDATE: 0, ADDITIONAL: 0
2023-11-30T10:06:17+01:00 [1:samba1:agent@samba1] ;; UPDATE SECTION:
2023-11-30T10:06:17+01:00 [1:samba1:agent@samba1] ; TSIG error with server: tsig verify failure
2023-11-30T10:06:17+01:00 [1:samba1:agent@samba1] gc._msdcs.ad.home.dargels.de. 0 NONE AAAA fd09:2045:6f49:4381:dc1a:adff:feb8:4342
2023-11-30T10:06:17+01:00 [1:samba1:agent@samba1] ;; flags:; ZONE: 0, PREREQ: 0, UPDATE: 0, ADDITIONAL: 0
2023-11-30T10:06:17+01:00 [1:samba1:agent@samba1] Outgoing update query:
2023-11-30T10:06:17+01:00 [1:samba1:agent@samba1] ;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id: 0
2023-11-30T10:06:17+01:00 [1:samba1:agent@samba1] ;; UPDATE SECTION:
2023-11-30T10:06:17+01:00 [1:samba1:agent@samba1] ; TSIG error with server: tsig verify failure
2023-11-30T10:06:17+01:00 [1:samba1:agent@samba1] ;; UPDATE SECTION:
2023-11-30T10:06:17+01:00 [1:samba1:agent@samba1] ;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id: 0
2023-11-30T10:06:17+01:00 [1:samba1:agent@samba1] ;; flags:; ZONE: 0, PREREQ: 0, UPDATE: 0, ADDITIONAL: 0
2023-11-30T10:06:17+01:00 [1:samba1:agent@samba1] Outgoing update query:
2023-11-30T10:06:17+01:00 [1:samba1:agent@samba1] DomainDnsZones.ad.home.dargels.de. 0 NONE A 192.168.3.11
2023-11-30T10:06:17+01:00 [1:samba1:agent@samba1] ; TSIG error with server: tsig verify failure
2023-11-30T10:06:17+01:00 [1:samba1:agent@samba1] ;; UPDATE SECTION:
2023-11-30T10:06:17+01:00 [1:samba1:agent@samba1] DomainDnsZones.ad.home.dargels.de. 0 NONE AAAA fd09:2045:6f49:4381:dc1a:adff:feb8:4342
2023-11-30T10:06:17+01:00 [1:samba1:agent@samba1] ;; flags:; ZONE: 0, PREREQ: 0, UPDATE: 0, ADDITIONAL: 0
2023-11-30T10:06:17+01:00 [1:samba1:agent@samba1] ;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id: 0
2023-11-30T10:06:17+01:00 [1:samba1:agent@samba1] Outgoing update query:
2023-11-30T10:06:17+01:00 [1:samba1:agent@samba1] ; TSIG error with server: tsig verify failure
2023-11-30T10:06:17+01:00 [1:samba1:agent@samba1] Outgoing update query:
2023-11-30T10:06:17+01:00 [1:samba1:agent@samba1] ForestDnsZones.ad.home.dargels.de. 0 NONE A 192.168.3.11
2023-11-30T10:06:17+01:00 [1:samba1:agent@samba1] ;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id: 0
2023-11-30T10:06:17+01:00 [1:samba1:agent@samba1] ;; UPDATE SECTION:
2023-11-30T10:06:17+01:00 [1:samba1:agent@samba1] ;; flags:; ZONE: 0, PREREQ: 0, UPDATE: 0, ADDITIONAL: 0
2023-11-30T10:06:17+01:00 [1:samba1:agent@samba1] ; TSIG error with server: tsig verify failure
2023-11-30T10:06:17+01:00 [1:samba1:agent@samba1] ;; flags:; ZONE: 0, PREREQ: 0, UPDATE: 0, ADDITIONAL: 0
2023-11-30T10:06:17+01:00 [1:samba1:agent@samba1] ;; UPDATE SECTION:
2023-11-30T10:06:17+01:00 [1:samba1:agent@samba1] ForestDnsZones.ad.home.dargels.de. 0 NONE AAAA fd09:2045:6f49:4381:dc1a:adff:feb8:4342
2023-11-30T10:06:17+01:00 [1:samba1:agent@samba1] Outgoing update query:
2023-11-30T10:06:17+01:00 [1:samba1:agent@samba1] ;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id: 0
2023-11-30T10:06:17+01:00 [1:samba1:agent@samba1] ; TSIG error with server: tsig verify failure
2023-11-30T10:06:18+01:00 [1:samba1:agent@samba1] ;; flags:; ZONE: 0, PREREQ: 0, UPDATE: 0, ADDITIONAL: 0
2023-11-30T10:06:18+01:00 [1:samba1:agent@samba1] ;; UPDATE SECTION:
2023-11-30T10:06:18+01:00 [1:samba1:agent@samba1] ;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id: 0
2023-11-30T10:06:18+01:00 [1:samba1:agent@samba1] nsdc-daho-d5dbc.ad.home.dargels.de. 900 IN A 192.168.3.21
2023-11-30T10:06:18+01:00 [1:samba1:agent@samba1] Outgoing update query:
2023-11-30T10:06:18+01:00 [1:samba1:agent@samba1] ; TSIG error with server: tsig verify failure
2023-11-30T10:06:18+01:00 [1:samba1:agent@samba1] Outgoing update query:
2023-11-30T10:06:18+01:00 [1:samba1:agent@samba1] ;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id: 0
2023-11-30T10:06:18+01:00 [1:samba1:agent@samba1] ad.home.dargels.de. 900 IN A 192.168.3.21
2023-11-30T10:06:18+01:00 [1:samba1:agent@samba1] ;; UPDATE SECTION:
2023-11-30T10:06:18+01:00 [1:samba1:agent@samba1] ;; flags:; ZONE: 0, PREREQ: 0, UPDATE: 0, ADDITIONAL: 0
2023-11-30T10:06:18+01:00 [1:samba1:agent@samba1] ; TSIG error with server: tsig verify failure
2023-11-30T10:06:18+01:00 [1:samba1:agent@samba1] ;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id: 0
2023-11-30T10:06:18+01:00 [1:samba1:agent@samba1] Outgoing update query:
2023-11-30T10:06:18+01:00 [1:samba1:agent@samba1] gc._msdcs.ad.home.dargels.de. 900 IN A 192.168.3.21
2023-11-30T10:06:18+01:00 [1:samba1:agent@samba1] ;; UPDATE SECTION:
2023-11-30T10:06:18+01:00 [1:samba1:agent@samba1] ;; flags:; ZONE: 0, PREREQ: 0, UPDATE: 0, ADDITIONAL: 0
2023-11-30T10:06:18+01:00 [1:samba1:agent@samba1] ; TSIG error with server: tsig verify failure
2023-11-30T10:06:18+01:00 [1:samba1:agent@samba1] ;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id: 0
2023-11-30T10:06:18+01:00 [1:samba1:agent@samba1] Outgoing update query:
2023-11-30T10:06:18+01:00 [1:samba1:agent@samba1] ;; UPDATE SECTION:
2023-11-30T10:06:18+01:00 [1:samba1:agent@samba1] ;; flags:; ZONE: 0, PREREQ: 0, UPDATE: 0, ADDITIONAL: 0
2023-11-30T10:06:18+01:00 [1:samba1:agent@samba1] DomainDnsZones.ad.home.dargels.de. 900 IN A 192.168.3.21
2023-11-30T10:06:18+01:00 [1:samba1:agent@samba1] ; TSIG error with server: tsig verify failure
2023-11-30T10:06:18+01:00 [1:samba1:agent@samba1] ;; UPDATE SECTION:
2023-11-30T10:06:18+01:00 [1:samba1:agent@samba1] ForestDnsZones.ad.home.dargels.de. 900 IN A 192.168.3.21
2023-11-30T10:06:18+01:00 [1:samba1:agent@samba1] ;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id: 0
2023-11-30T10:06:18+01:00 [1:samba1:agent@samba1] ;; flags:; ZONE: 0, PREREQ: 0, UPDATE: 0, ADDITIONAL: 0
2023-11-30T10:06:18+01:00 [1:samba1:agent@samba1] Outgoing update query:
2023-11-30T10:06:18+01:00 [1:samba1:agent@samba1] ; TSIG error with server: tsig verify failure
2023-11-30T10:06:18+01:00 [1:samba1:agent@samba1] Looking for DNS entry A nsdc-daho-d5dbc.ad.home.dargels.de 192.168.3.11 as nsdc-daho-d5dbc.ad.home.dargels.de.
2023-11-30T10:06:18+01:00 [1:samba1:agent@samba1] need cache remove: AAAA nsdc-daho-d5dbc.ad.home.dargels.de fd09:2045:6f49:4381:dc1a:adff:feb8:4342
2023-11-30T10:06:18+01:00 [1:samba1:agent@samba1] Checking 0 100 389 nsdc-daho-d5dbc.ad.home.dargels.de. against SRV _ldap._tcp.ForestDnsZones.ad.home.dargels.de nsdc-daho-d5dbc.ad.home.dargels.de 389
2023-11-30T10:06:18+01:00 [1:samba1:agent@samba1] Looking for DNS entry A ad.home.dargels.de 192.168.3.11 as ad.home.dargels.de.
2023-11-30T10:06:18+01:00 [1:samba1:agent@samba1] need delete: A ad.home.dargels.de 192.168.3.11
2023-11-30T10:06:18+01:00 [1:samba1:agent@samba1] Looking for DNS entry SRV _ldap._tcp.ForestDnsZones.ad.home.dargels.de nsdc-daho-d5dbc.ad.home.dargels.de 389 as _ldap._tcp.ForestDnsZones.ad.home.dargels.de.
2023-11-30T10:06:18+01:00 [1:samba1:agent@samba1] need delete: A nsdc-daho-d5dbc.ad.home.dargels.de 192.168.3.11
2023-11-30T10:06:18+01:00 [1:samba1:agent@samba1] Looking for DNS entry SRV _ldap._tcp.Default-First-Site-Name._sites.ForestDnsZones.ad.home.dargels.de nsdc-daho-d5dbc.ad.home.dargels.de 389 as _ldap._tcp.Default-First-Site-Name._sites.ForestDnsZones.ad.home.dargels.de.
2023-11-30T10:06:18+01:00 [1:samba1:agent@samba1] need cache remove: A ad.home.dargels.de 192.168.3.11
2023-11-30T10:06:18+01:00 [1:samba1:agent@samba1] Looking for DNS entry AAAA ad.home.dargels.de fd09:2045:6f49:4381:dc1a:adff:feb8:4342 as ad.home.dargels.de.
2023-11-30T10:06:18+01:00 [1:samba1:agent@samba1] Checking 0 100 389 nsdc-daho-d5dbc.ad.home.dargels.de. against SRV _ldap._tcp.Default-First-Site-Name._sites.ForestDnsZones.ad.home.dargels.de nsdc-daho-d5dbc.ad.home.dargels.de 389
2023-11-30T10:06:18+01:00 [1:samba1:agent@samba1] need cache remove: A nsdc-daho-d5dbc.ad.home.dargels.de 192.168.3.11
2023-11-30T10:06:18+01:00 [1:samba1:agent@samba1] need update: A ForestDnsZones.ad.home.dargels.de 192.168.3.21
2023-11-30T10:06:18+01:00 [1:samba1:agent@samba1] Looking for DNS entry AAAA nsdc-daho-d5dbc.ad.home.dargels.de fd09:2045:6f49:4381:dc1a:adff:feb8:4342 as nsdc-daho-d5dbc.ad.home.dargels.de.
2023-11-30T10:06:18+01:00 [1:samba1:agent@samba1] Looking for DNS entry A ForestDnsZones.ad.home.dargels.de 192.168.3.21 as ForestDnsZones.ad.home.dargels.de.
2023-11-30T10:06:18+01:00 [1:samba1:agent@samba1] need cache remove: AAAA ad.home.dargels.de fd09:2045:6f49:4381:dc1a:adff:feb8:4342
2023-11-30T10:06:18+01:00 [1:samba1:agent@samba1] Lookup of ForestDnsZones.ad.home.dargels.de. succeeded, but we failed to find a matching DNS entry for A ForestDnsZones.ad.home.dargels.de 192.168.3.21
2023-11-30T10:06:18+01:00 [1:samba1:agent@samba1] need delete: AAAA nsdc-daho-d5dbc.ad.home.dargels.de fd09:2045:6f49:4381:dc1a:adff:feb8:4342
2023-11-30T10:06:18+01:00 [1:samba1:agent@samba1] need delete: AAAA gc._msdcs.ad.home.dargels.de fd09:2045:6f49:4381:dc1a:adff:feb8:4342
2023-11-30T10:06:18+01:00 [1:samba1:agent@samba1] need delete: AAAA ad.home.dargels.de fd09:2045:6f49:4381:dc1a:adff:feb8:4342
2023-11-30T10:06:18+01:00 [1:samba1:agent@samba1] Looking for DNS entry AAAA gc._msdcs.ad.home.dargels.de fd09:2045:6f49:4381:dc1a:adff:feb8:4342 as gc._msdcs.ad.home.dargels.de.
2023-11-30T10:06:18+01:00 [1:samba1:agent@samba1] need cache remove: A gc._msdcs.ad.home.dargels.de 192.168.3.11
2023-11-30T10:06:18+01:00 [1:samba1:agent@samba1] need delete: AAAA ForestDnsZones.ad.home.dargels.de fd09:2045:6f49:4381:dc1a:adff:feb8:4342
2023-11-30T10:06:18+01:00 [1:samba1:agent@samba1] need cache remove: A ForestDnsZones.ad.home.dargels.de 192.168.3.11
2023-11-30T10:06:18+01:00 [1:samba1:agent@samba1] need cache remove: A DomainDnsZones.ad.home.dargels.de 192.168.3.11
2023-11-30T10:06:18+01:00 [1:samba1:agent@samba1] need delete: AAAA DomainDnsZones.ad.home.dargels.de fd09:2045:6f49:4381:dc1a:adff:feb8:4342
2023-11-30T10:06:18+01:00 [1:samba1:agent@samba1] need delete: A gc._msdcs.ad.home.dargels.de 192.168.3.11
2023-11-30T10:06:18+01:00 [1:samba1:agent@samba1] 5 DNS updates and 10 DNS deletes needed
2023-11-30T10:06:18+01:00 [1:samba1:agent@samba1] Looking for DNS entry AAAA ForestDnsZones.ad.home.dargels.de fd09:2045:6f49:4381:dc1a:adff:feb8:4342 as ForestDnsZones.ad.home.dargels.de.
2023-11-30T10:06:18+01:00 [1:samba1:agent@samba1] Looking for DNS entry AAAA DomainDnsZones.ad.home.dargels.de fd09:2045:6f49:4381:dc1a:adff:feb8:4342 as DomainDnsZones.ad.home.dargels.de.
2023-11-30T10:06:18+01:00 [1:samba1:agent@samba1] need cache remove: AAAA gc._msdcs.ad.home.dargels.de fd09:2045:6f49:4381:dc1a:adff:feb8:4342
2023-11-30T10:06:18+01:00 [1:samba1:agent@samba1] Looking for DNS entry A gc._msdcs.ad.home.dargels.de 192.168.3.11 as gc._msdcs.ad.home.dargels.de.
2023-11-30T10:06:18+01:00 [1:samba1:agent@samba1] need delete: A ForestDnsZones.ad.home.dargels.de 192.168.3.11
2023-11-30T10:06:18+01:00 [1:samba1:agent@samba1] Looking for DNS entry A ForestDnsZones.ad.home.dargels.de 192.168.3.11 as ForestDnsZones.ad.home.dargels.de.
2023-11-30T10:06:18+01:00 [1:samba1:agent@samba1] Looking for DNS entry A DomainDnsZones.ad.home.dargels.de 192.168.3.11 as DomainDnsZones.ad.home.dargels.de.
2023-11-30T10:06:18+01:00 [1:samba1:agent@samba1] Calling nsupdate for A nsdc-daho-d5dbc.ad.home.dargels.de 192.168.3.11 (delete)
2023-11-30T10:06:18+01:00 [1:samba1:agent@samba1] need delete: A DomainDnsZones.ad.home.dargels.de 192.168.3.11
2023-11-30T10:06:18+01:00 [1:samba1:agent@samba1] Successfully obtained Kerberos ticket to DNS/nsdc-daho-d5dbc.ad.home.dargels.de as NSDC-DAHO-D5DBC$
2023-11-30T10:06:18+01:00 [1:samba1:agent@samba1] delete (nsupdate): A nsdc-daho-d5dbc.ad.home.dargels.de 192.168.3.11
2023-11-30T10:06:18+01:00 [1:samba1:agent@samba1] need cache remove: AAAA DomainDnsZones.ad.home.dargels.de fd09:2045:6f49:4381:dc1a:adff:feb8:4342
2023-11-30T10:06:18+01:00 [1:samba1:agent@samba1] need cache remove: AAAA ForestDnsZones.ad.home.dargels.de fd09:2045:6f49:4381:dc1a:adff:feb8:4342
2023-11-30T10:06:18+01:00 [1:samba1:agent@samba1] Failed nsupdate: 2
2023-11-30T10:06:18+01:00 [1:samba1:agent@samba1] Failed nsupdate: 2
2023-11-30T10:06:18+01:00 [1:samba1:agent@samba1] Calling nsupdate for A DomainDnsZones.ad.home.dargels.de 192.168.3.11 (delete)
2023-11-30T10:06:18+01:00 [1:samba1:agent@samba1] Failed nsupdate: 2
2023-11-30T10:06:18+01:00 [1:samba1:agent@samba1] Failed nsupdate: 2
Thtats it. Thats end of my second attempt.
I wonder about this section in the migration guide
There was no list of installed applications.
No applications are installed on the leader node.
The migration tool migrates a limited set of applications. By now we have
nethserver-ejabberd
nethserver-mail-getmail
nethserver-mail
nethserver-mattermost
nethserver-nextcloud
nethserver-roundcubemail
nethserver-webtop5
…and the account provider, which is the only one that matches in your case.
in this case I don’t need a migration.
I can install new and have to think about a manual migration of dokuwiki.
Copy over the contents, set the permissions and your internal DNS pointers, that’s all needed.
Maybe also the LE SSL…
DokuWiki doesn’t need or use a database, so no worries there!
Plugins are in it’s folder structure, so are templates…
It can still use AD on the new server!
My 2 cents
Andy
It is systemctl talking. This failure has the same reason of the previous one: your environment has no file server module onboard. I’m fixing this, too 
thank you very much for your help!
If you want to test a new package version, with a new fix this is the latest release
nethserver-ns8-migration-1.0.4-1.34.g4ff326c.ns7.x86_64.rpm
The command to update existing installations should be:
mv -f /etc/wireguard/{wg0,ns8}.conf
yum --enablerepo=nethserver-testing update nethserver-ns8-migration
Whilst, for new installations:
yum --enablerepo=nethserver-testing install nethserver-ns8-migration
Ensure there is no /etc/wireguard/wg0.conf hanging around: new package version changes the name of the Wireguard interface. It now uses interface ns8.