Failure to join existing domain

Alex King alex at king.net.nz
Mon Dec 5 15:45:49 MST 2011 

Thanks Andreas,


Indeed it looks like adding "--server 
cuswes1.servers.nzcuexchange.co.nz" enabled samba to find the DC and 
complete the join.


I still worry as to why samba could not find the DC in the first place.

The message /ERROR(exception): uncaught exception - Failed to find a 
writeable DC for domain .../ is ambiguous in my opinion; it clould mean 
host not found, or host was found but not writable. For my case I sssume 
it meant host not found.

DNS was resolving the name of the server (and a heap of AD domain data) 
correctly as far as I know. Two things that may have contributed to the 
problem:

    * The FQDN of the samba server (hostname -f) was in a different DNS
      domain to the AD domain (I would assume this would not cause a
      problem?)
    * The name of the existing DC was resolving to both IPv4 and IPv6
      addresses, but the IPv6 address was bogus.  I have since removed
      that address from the interface and it is no longer in DNS.

Now samba has been added to AD as a DC.

Next problem:

root at ad1:/usr/local/samba# bin/samba-tool drs showrepl

ERROR(runtime): DRS connection to ad1.servers.nzcuexchange.co.nz failed - (-1073741801, 'Memory allocation error')

This must be hitting a bug, samba is the only thing running on the box.  
What should I do to debug this further?

 From the 2008 server, running:
repadmin /showrepl

shows output similar to what is listed at 
http://wiki.samba.org/index.php/Samba4/HOWTO/Join_a_domain_as_a_DC#Starting_Samba 
under "samba-tool drs showrepl", however, only the third stanza 
(CN=Schema,CN=Configuration...) is shown as replicating successfully, 
not the first two.  The first two show:

"The replication operation failed because of a schema mismatch between 
the servers involved."

How do I debug this schema mismatch?  (W2008 server with exchange 2007).

Cheers,
Alex

Hello Alex,

I managed to join the domain by adding -S "DCname" to the join command

kind regards

Andreas

Am 02.12.2011 09:38, schrieb Alex King:
 >/ Hi,
/>/
/>/ I pulled down samba from git (alpha 18), followed the HOWTO at
/>/ http://wiki.samba.org/index.php/Samba4/HOWTO/Join_a_domain_as_a_DC
/>/
/>/ Trying to install a DC alongside an existing 2008R2 server with
/>/ Exchange2007.
/>/
/>/ I installed a fresh Debian Stable base system in a VM.
/>/
/>/ I compiled, installed, set up DNS (pointed /etc/resolv.conf to the
/>/ existing 2008 server) and Kerberos as in the howto. kinit successfully
/>/ gained a ticket, but samba-tool domain join failed with
/>/ "ERROR(exception): uncaught exception - Failed to find a writeable DC
/>/ for domain"
/>/
/>/ Reporting the failure as requested in the howto. I have googled this
/>/ error, without getting any advice that can get me further.
/>/
/>/ root at ad1 
<https://lists.samba.org/mailman/listinfo/samba-technical>:/usr/local/samba# 
/usr/local/samba/bin/samba-tool domain join
/>/ servers.nzcuexchange.co.nz DC -Uadministrator
/>/ --realm=servers.nzcuexchange.co.nz
/>/ Finding a writeable DC for domain 'servers.nzcuexchange.co.nz'
/>/ ERROR(exception): uncaught exception - Failed to find a writeable DC for
/>/ domain 'servers.nzcuexchange.co.nz'
/>/ File
/>/ "/usr/local/samba/lib/python2.6/site-packages/samba/netcmd/__init__.py",
/>/ line 167, in _run
/>/ return self.run(*args, **kwargs)
/>/ File
/>/ "/usr/local/samba/lib/python2.6/site-packages/samba/netcmd/domain.py",
/>/ line 151, in run
/>/ machinepass=machinepass)
/>/ File "/usr/local/samba/lib/python2.6/site-packages/samba/join.py",
/>/ line 921, in join_DC
/>/ machinepass)
/>/ File "/usr/local/samba/lib/python2.6/site-packages/samba/join.py",
/>/ line 66, in __init__
/>/ ctx.server = ctx.find_dc(domain)
/>/ File "/usr/local/samba/lib/python2.6/site-packages/samba/join.py",
/>/ line 204, in find_dc
/>/ raise Exception("Failed to find a writeable DC for domain '%s'" %
/>/ domain)
/>/
/>/ I understand the exchange server schema may cause problems, but this
/>/ seems like early in the process to luck out.
/>/
/>/ What could be causing this error?
/>/
/>/ Does anyone else have success joining alpha18 to a 2008 AD domain? Has
/>/ anyone else successfully got samba4 DCs running with the exchange 
schema?
/>/
/>/ My aim is to have all users in AD using a linux MTA, but a small subset
/>/ of users will have email forwarded to exchange running on 2008. If I
/>/ can't have the exchange server running in the same domain as samba4, I
/>/ might just keep them running in separate domains.
/>/
/>/ Thanks,
/>/ Alex
/

More information about the samba-technical mailing list