Joining a Windows 2008 R2 error
David Gonzalez
info at dghvoip.com
Tue Sep 14 16:11:55 MDT 2010
Hi
Adding up to this post, now that I've manually added the record to named
zone and restarting BIND I get this error
queued DsReplicaSync for CN=Configuration,DC=samba,DC=dghvoip,DC=com to
c714a89b-415e-4e62-b738-6a400691101d._msdcs.samba.dghvoip.com (urgent=true)
uSN=0:3901
started DsReplicaSync for DC=samba,DC=dghvoip,DC=com to
c714a89b-415e-4e62-b738-6a400691101d._msdcs.samba.dghvoip.com
dreplsrv_notify_schedule(5) scheduled for: Tue Sep 14 17:10:03 2010 COT
dreplsrv_notify: Failed to send DsReplicaSync to
c714a89b-415e-4e62-b738-6a400691101d._msdcs.samba.dghvoip.com for
DC=samba,DC=dghvoip,DC=com - NT code 0xc0002105 : WERR_DS_DRA_ACCESS_DENIED
started DsReplicaSync for
CN=Schema,CN=Configuration,DC=samba,DC=dghvoip,DC=com to
c714a89b-415e-4e62-b738-6a400691101d._msdcs.samba.dghvoip.com
dreplsrv_notify: Failed to send DsReplicaSync to
c714a89b-415e-4e62-b738-6a400691101d._msdcs.samba.dghvoip.com for
CN=Schema,CN=Configuration,DC=samba,DC=dghvoip,DC=com - NT code 0xc0002105 :
WERR_DS_DRA_ACCESS_DENIED
started DsReplicaSync for CN=Configuration,DC=samba,DC=dghvoip,DC=com to
c714a89b-415e-4e62-b738-6a400691101d._msdcs.samba.dghvoip.com
dreplsrv_notify: Failed to send DsReplicaSync to
c714a89b-415e-4e62-b738-6a400691101d._msdcs.samba.dghvoip.com for
CN=Configuration,DC=samba,DC=dghvoip,DC=com - NT code 0xc0002105 :
WERR_DS_DRA_ACCESS_DENIED
It has something to do with an access denied but I don't really know where
to look for to try and solve this.
Thanks your knowledge is appreciated.
Bye
---
... Chi va piano va sano e va lontano.
David Gonzalez H.
DGHVoIP - OPEN SOURCE TELEPHONY SOLUTIONS
Phone Bogotá: +(57-1)289-1168
Phone Medellin: +(57-4)247-0985
Mobile: +(57)315-838-8326
MSN: david at planetaradio.net
Skype: davidgonzalezh
WEB: http://www.dghvoip.com/
Linux User #294661
On Tue, Sep 14, 2010 at 4:58 PM, David Gonzalez <info at dghvoip.com> wrote:
> Hi,
>
> UPDATE: Dynamic DNS updates work now, just change the update-policy {}; to
> allow-update { any; };
> and donot add or comment out these lines on smb.conf.
>
> // tkey-gssapi-credential "DNS/samba.dghvoip.com";
> // tkey-domain "SAMBA.DGHVOIP.COM";
>
> Now, I've "sucesfully" joined a W2k8 server machine to my domain, the
> dcpromo it but these errors show on my logs:
>
> Failed to modify SPNs on CN=VMW2K8,CN=Computers,DC=samba,DC=dghvoip,DC=com:
> error in module acl: insufficient access rights (50)
> [Tue Sep 14 16:49:45 2010 COT, 0
> ../rpc_server/drsuapi/writespn.c:103:dcesrv_drsuapi_DsWriteAccountSpn()]
> Failed to modify SPNs on CN=VMW2K8,CN=Computers,DC=samba,DC=dghvoip,DC=com:
> error in module acl: insufficient access rights (50)
> [Tue Sep 14 16:49:45 2010 COT, 0
> ../rpc_server/drsuapi/writespn.c:103:dcesrv_drsuapi_DsWriteAccountSpn()]
> Failed to modify SPNs on cn=vmw2k8,cn=computers,dc=samba,dc=dghvoip,dc=com:
> error in module acl: insufficient access rights (50)
>
> And after the w2k8 start this shows up on samba.log
>
> /usr/local/samba/sbin/samba_dnsupdate: import samba
> [Tue Sep 14 16:52:10 2010 COT, 0
> ../../lib/util/util_runcmd.c:288:samba_runcmd_io_handler()]
> /usr/local/samba/sbin/samba_dnsupdate: ImportError: No module named samba
> [Tue Sep 14 16:52:10 2010 COT, 0
> ../../lib/util/util_runcmd.c:288:samba_runcmd_io_handler()]
> /usr/local/samba/sbin/samba_spnupdate: Traceback (most recent call last):
> [Tue Sep 14 16:52:10 2010 COT, 0
> ../../lib/util/util_runcmd.c:288:samba_runcmd_io_handler()]
> /usr/local/samba/sbin/samba_spnupdate: File
> "/usr/local/samba/sbin/samba_spnupdate", line 30, in ?
> [Tue Sep 14 16:52:10 2010 COT, 0
> ../../lib/util/util_runcmd.c:288:samba_runcmd_io_handler()]
>
> Is this behavior Alpha related I mean normal, I've searched for a solution
> with no luck, if developing time and dumb questions like this don't bother
> please would yopu give me a hand.
>
> Thank you and now my samba4 is running a full fledged AD-DS in my house ;),
> folder redirection, roaming profiles lots of GPOs, replication and some
> other stuff being tested.
>
> I'm not just a clinic asker, I can also help you with my experiences and
> knowledge so if I can help in testing or whatever task (I can translate docs
> into spanish, good spanish not Spain spanish)
>
> Thanks and SAMABA Rocks.
>
> ---
> ... Chi va piano va sano e va lontano.
> David Gonzalez H.
> DGHVoIP - OPEN SOURCE TELEPHONY SOLUTIONS
> Phone Bogotá: +(57-1)289-1168
> Phone Medellin: +(57-4)247-0985
> Mobile: +(57)315-838-8326
> MSN: david at planetaradio.net
> Skype: davidgonzalezh
> WEB: http://www.dghvoip.com/
> Linux User #294661
>
More information about the samba-technical
mailing list