errors after starting samba4 as a RODC
Matthieu Patou
mat at samba.org
Thu Sep 29 11:48:09 MDT 2011
Hello Tridge and others,
I had the following RODC join:
Found DC SDC.drsr.com
workgroup is DRSR
realm is drsr.com
checking samaccountname
Deleted CN=SAMBAIOLAB,OU=Domain Controllers,DC=drsr,DC=com
Deleted CN=RODC Connection (FRS),CN=NTDS
Settings,CN=SAMBAIOLAB,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=drsr,DC=com
Deleted CN=NTDS
Settings,CN=SAMBAIOLAB,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=drsr,DC=com
Deleted
CN=SAMBAIOLAB,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=drsr,DC=com
Deleted CN=SAMBAIOLAB,CN=Topology,CN=Domain System
Volume,CN=DFSR-GlobalSettings,CN=System,DC=drsr,DC=com
Adding CN=SAMBAIOLAB,OU=Domain Controllers,DC=drsr,DC=com
Adding CN=krbtgt_SAMBAIOLAB,CN=Users,DC=drsr,DC=com
Got krbtgt_name=krbtgt_25419
Renaming CN=krbtgt_SAMBAIOLAB,CN=Users,DC=drsr,DC=com to
CN=krbtgt_25419,CN=Users,DC=drsr,DC=com
Adding
CN=SAMBAIOLAB,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=drsr,DC=com
Adding CN=NTDS
Settings,CN=SAMBAIOLAB,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=drsr,DC=com
Adding CN=RODC Connection (FRS),CN=NTDS
Settings,CN=SAMBAIOLAB,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=drsr,DC=com
Adding CN=SAMBAIOLAB,CN=Topology,CN=Domain System
Volume,CN=DFSR-GlobalSettings,CN=System,DC=drsr,DC=com
Adding SPNs to CN=SAMBAIOLAB,OU=Domain Controllers,DC=drsr,DC=com
Setting account password for SAMBAIOLAB$
Enabling account
Calling bare provision
No IPv6 address will be assigned
Provision OK for domain DN DC=drsr,DC=com
Starting replication
Schema-DN[CN=Schema,CN=Configuration,DC=drsr,DC=com] objects[402]
linked_values[0]
Schema-DN[CN=Schema,CN=Configuration,DC=drsr,DC=com] objects[402]
linked_values[0]
Schema-DN[CN=Schema,CN=Configuration,DC=drsr,DC=com] objects[402]
linked_values[0]
Schema-DN[CN=Schema,CN=Configuration,DC=drsr,DC=com] objects[347]
linked_values[0]
Analyze and apply schema objects
Partition[CN=Configuration,DC=drsr,DC=com] objects[402] linked_values[0]
Partition[CN=Configuration,DC=drsr,DC=com] objects[804] linked_values[0]
Partition[CN=Configuration,DC=drsr,DC=com] objects[1206] linked_values[0]
Partition[CN=Configuration,DC=drsr,DC=com] objects[1608] linked_values[0]
Partition[CN=Configuration,DC=drsr,DC=com] objects[1687] linked_values[73]
Partition[DC=drsr,DC=com] objects[376] linked_values[60]
../source4/dsdb/samdb/ldb_modules/new_partition.c:161: Skipping
uninstantiated partition
CN=TempCrossRef\0ADEL:e7984a66-ac71-4d17-817d-24c62892844e,DC=drsr,DC=com
../source4/dsdb/samdb/ldb_modules/new_partition.c:161: Skipping
uninstantiated partition
CN=TempCrossRef\0ADEL:0fef3b98-63dd-451a-858e-31fe5af34757,DC=drsr,DC=com
../source4/dsdb/samdb/ldb_modules/new_partition.c:161: Skipping
uninstantiated partition
CN=TempCrossRef\0ADEL:94a3d039-b2c4-4380-8dfe-f00396ab215d,DC=drsr,DC=com
../source4/dsdb/samdb/ldb_modules/new_partition.c:161: Skipping
uninstantiated partition
CN=TempCrossRef\0ADEL:42006265-cd9f-430c-87f7-c492cf59a3e2,DC=drsr,DC=com
Partition[DC=drsr,DC=com] objects[442] linked_values[58]
../source4/dsdb/samdb/ldb_modules/new_partition.c:161: Skipping
uninstantiated partition
CN=TempCrossRef\0ADEL:70a7472a-7444-4ed3-8540-10d4f8293cb6,DC=drsr,DC=com
../source4/dsdb/samdb/ldb_modules/new_partition.c:161: Skipping
uninstantiated partition CN=TempCrossRef,DC=drsr,DC=com
../source4/dsdb/samdb/ldb_modules/new_partition.c:161: Skipping
uninstantiated partition
CN=TempCrossRef\0ADEL:c90940f0-f08f-4e95-bef9-0e6774d7786f,DC=drsr,DC=com
Partition[CN=SAMBAIOLAB,OU=Domain Controllers,DC=drsr,DC=com] objects[1]
linked_values[13]
Partition[CN=krbtgt_25419,CN=Users,DC=drsr,DC=com] objects[1]
linked_values[0]
Committing SAM database
Setting isSynchronized and dsServiceName
Setting up secrets database
Joined domain DRSR (SID S-1-5-21-1133793536-4058188571-2777943604) as an
RODC
After this starting samba4 gives:
samba version 4.0.0alpha18-DEVELOPERBUILD started.
Copyright Andrew Tridgell and the Samba Team 1992-2011
samba: using 'single' process model
task_server_terminate: [dreplsrv: Failed to load partitions:
WERR_DS_DRA_INTERNAL_ERROR
]
/home/mat/mems4/source4/scripting/bin/samba_dnsupdate: Traceback (most
recent call last):
/home/mat/mems4/source4/scripting/bin/samba_dnsupdate: File
"/home/mat/mems4/source4/scripting/bin/samba_dnsupdate", line 474, in
<module>
/home/mat/mems4/source4/scripting/bin/samba_dnsupdate:
get_credentials(lp)
/home/mat/mems4/source4/scripting/bin/samba_dnsupdate: File
"/home/mat/mems4/source4/scripting/bin/samba_dnsupdate", line 118, in
get_credentials
/home/mat/mems4/source4/scripting/bin/samba_dnsupdate:
creds.get_named_ccache(lp, ccachename)
/home/mat/mems4/source4/scripting/bin/samba_dnsupdate: RuntimeError:
kinit for SAMBAIOLAB$@DRSR.COM failed (Client not found in Kerberos
database)
/home/mat/mems4/source4/scripting/bin/samba_dnsupdate:
../source4/dsdb/dns/dns_update.c:252: Failed DNS update -
NT_STATUS_ACCESS_DENIED
/home/mat/mems4/source4/scripting/bin/samba_spnupdate: Traceback (most
recent call last):
/home/mat/mems4/source4/scripting/bin/samba_spnupdate: File
"/home/mat/mems4/source4/scripting/bin/samba_spnupdate", line 226, in
<module>
/home/mat/mems4/source4/scripting/bin/samba_spnupdate:
call_rodc_update(add_list)
/home/mat/mems4/source4/scripting/bin/samba_spnupdate: File
"/home/mat/mems4/source4/scripting/bin/samba_spnupdate", line 223, in
call_rodc_update
/home/mat/mems4/source4/scripting/bin/samba_spnupdate: (level, res)
= drs.DsWriteAccountSpn(drs_handle, 1, req1)
/home/mat/mems4/source4/scripting/bin/samba_spnupdate: RuntimeError:
(8333, 'WERR_DS_OBJ_NOT_FOUND')
../source4/dsdb/dns/dns_update.c:281: Failed SPN update -
NT_STATUS_ACCESS_DENIED
Matthieu
--
Matthieu Patou
Samba Team
http://samba.org
More information about the samba-technical
mailing list