[Samba] Join an additional Samba DC to an existing Active Directory

basti mailinglist at unix-solution.de
Thu Aug 25 10:46:50 UTC 2016


On 25.08.2016 12:24, Rowland Penny via samba wrote:
> On Thu, 25 Aug 2016 12:03:30 +0200
> basti via samba <samba at lists.samba.org> wrote:
> 
>> Hello,
>> I try to add a BDC to my AD using this Howto
>> https://wiki.samba.org/index.php/Join_an_additional_Samba_DC_to_an_existing_Active_Directory#Preparing_the_host_for_the_domain_join
>>
>> host -t A pdc.kes.local
>> pdc.kes.local has address 192.168.122.2
>>
>> ldapsearch -h pdc.kes.local -b'dc=kes,dc=local' -x
>> # extended LDIF
>> #
>> # LDAPv3
>> # base <dc=kes,dc=local> with scope subtree
>> # filter: (objectclass=*)
>> # requesting: ALL
>> #
>>
>> # kes.local
>> dn: dc=kes,dc=local
>> objectClass: top
>> objectClass: dcObject
>> objectClass: organization
>> o: kes.local
>> dc: kes
>>
>> ...
>>
>> but when I try
>>
>> samba-tool domain join kes.local DC -Uadministrator --realm=KES.local
>> --dns-backend=SAMBA_INTERNAL
>> Finding a writeable DC for domain 'kes.local'
>> Found DC pdc.kes.local
>> Failed to bind - LDAP client internal error: NT code 0x80090302
>> Failed to connect to 'ldap://pdc.kes.local' with backend 'ldap':
>> (null) ERROR(ldb): uncaught exception - None
>>   File "/usr/lib/python2.7/dist-packages/samba/netcmd/__init__.py",
>> line 175, in _run
>>     return self.run(*args, **kwargs)
>>   File "/usr/lib/python2.7/dist-packages/samba/netcmd/domain.py", line
>> 657, in run
>>     dns_backend=dns_backend)
>>   File "/usr/lib/python2.7/dist-packages/samba/join.py", line 1116, in
>> join_RODC
>>     machinepass, use_ntvfs, dns_backend, promote_existing)
>>   File "/usr/lib/python2.7/dist-packages/samba/join.py", line 85, in
>> __init__
>>     credentials=ctx.creds, lp=ctx.lp)
>>   File "/usr/lib/python2.7/dist-packages/samba/samdb.py", line 57, in
>> __init__
>>     options=options)
>>   File "/usr/lib/python2.7/dist-packages/samba/__init__.py", line 115,
>> in __init__
>>     self.connect(url, flags, options)
>>   File "/usr/lib/python2.7/dist-packages/samba/samdb.py", line 72, in
>> connect
>>     options=options)
>> root@rtr:/home/user# man samba-tool
>>
>> On my pdc I use BIND as DNS backend.
>>
>> Thanks for any support.
>> Best Regards
>>
> 
> Bit obvious really, use bind on the second DC as well. You should also
> note that you DO NOT HAVE A PDC, you have a DC, your second DC will not
> be a BDC, it will just be another DC. Please do not use the terms 'PDC'
> & 'BDC' when referring to AD DCs, those terms are only used when
> referring to NT4-style domain controllers.
> 
> Rowland 
> 

This does not fix the error.
Samba is still unable to connect to LDAP.

Found DC pdc.kes.local
Failed to bind - LDAP client internal error: NT code 0x80090302
Failed to connect to 'ldap://pdc.kes.local' with backend 'ldap': (null)


