domain join as DC fails with beta5: 'WERR_DS_DRA_BAD_DN'
Pekka L.J. Jalkanen
pekka.jalkanen at vihreat.fi
Wed Aug 8 09:17:54 MDT 2012
I previously tried to use Debian packages (see my previous report at
https://lists.samba.org/archive/samba-technical/2012-July/085301.html)
to join a domain as a DC, but as they turned out to be buggy, and only
supported ntvfs, I compiled beta5 by myself.
However with the Debian-distributed beta2 the join itself worked, but
now it does not:
root at samba4dc:/usr/local/samba# bin/samba-tool domain join mydomain.site
DC -Uadministrator at MYDOMAIN.SITE --realm=mydomain.site
Finding a writeable DC for domain 'mydomain.site'
Found DC win2003r2dc.mydomain.site
Password for [administrator at MYDOMAIN.SITE]:
workgroup is MYDOMAIN
realm is mydomain.site
checking sAMAccountName
Adding CN=SAMBA4DC,OU=Domain Controllers,DC=mydomain,DC=site
Adding
CN=SAMBA4DC,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=mydomain,DC=site
Adding CN=NTDS
Settings,CN=SAMBA4DC,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=mydomain,DC=site
Adding SPNs to CN=SAMBA4DC,OU=Domain Controllers,DC=mydomain,DC=site
Setting account password for SAMBA4DC$
Enabling account
Calling bare provision
No IPv6 address will be assigned
Provision OK for domain DN DC=mydomain,DC=site
Starting replication
Schema-DN[CN=Schema,CN=Configuration,DC=mydomain,DC=site] objects[402]
linked_values[0]
Schema-DN[CN=Schema,CN=Configuration,DC=mydomain,DC=site] objects[804]
linked_values[0]
Schema-DN[CN=Schema,CN=Configuration,DC=mydomain,DC=site] objects[1206]
linked_values[0]
Schema-DN[CN=Schema,CN=Configuration,DC=mydomain,DC=site] objects[1376]
linked_values[0]
Analyze and apply schema objects
Partition[CN=Configuration,DC=mydomain,DC=site] objects[402]
linked_values[0]
Partition[CN=Configuration,DC=mydomain,DC=site] objects[804]
linked_values[0]
Partition[CN=Configuration,DC=mydomain,DC=site] objects[1206]
linked_values[0]
Partition[CN=Configuration,DC=mydomain,DC=site] objects[1548]
linked_values[0]
Replicating critical objects from the base DN of the domain
Partition[DC=mydomain,DC=site] objects[95] linked_values[0]
Partition[DC=mydomain,DC=site] objects[396] linked_values[0]
Partition[DC=mydomain,DC=site] objects[454] linked_values[0]
Join failed - cleaning up
checking sAMAccountName
Deleted CN=SAMBA4DC,OU=Domain Controllers,DC=mydomain,DC=site
Deleted CN=NTDS
Settings,CN=SAMBA4DC,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=mydomain,DC=site
Deleted
CN=SAMBA4DC,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=mydomain,DC=site
ERROR(runtime): uncaught exception - (8439, 'WERR_DS_DRA_BAD_DN')
File
"/usr/local/samba/lib/python2.6/site-packages/samba/netcmd/__init__.py",
line 160, in _run
return self.run(*args, **kwargs)
File
"/usr/local/samba/lib/python2.6/site-packages/samba/netcmd/domain.py",
line 256, in run
machinepass=machinepass, use_ntvfs=use_ntvfs, dns_backend=dns_backend)
File "/usr/local/samba/lib/python2.6/site-packages/samba/join.py",
line 1053, in join_DC
ctx.do_join()
File "/usr/local/samba/lib/python2.6/site-packages/samba/join.py",
line 958, in do_join
ctx.join_replicate()
File "/usr/local/samba/lib/python2.6/site-packages/samba/join.py",
line 741, in join_replicate
replica_flags=ctx.replica_flags)
File
"/usr/local/samba/lib/python2.6/site-packages/samba/drs_utils.py", line
248, in replicate
(level, ctr) = self.drs.DsGetNCChanges(self.drs_handle, req_level, req)
Any help in resolving this would be greatly appreciated. I could try the
latest version from git, if the more experienced people here suggest me
to do that, but I would first like to confirm that I'm not having any
fundamentals wrong.
Pekka L.J. Jalkanen
More information about the samba-technical
mailing list