domain join as DC fails with beta5: 'WERR_DS_DRA_BAD_DN'
Pekka L.J. Jalkanen
pekka.jalkanen at vihreat.fi
Thu Aug 9 06:57:10 MDT 2012
I doubt. I just finished testing with self-compiled beta2 (I was just
about to post to the list about that), just to compare it to the
pre-compiled version... and surprise surprise, with beta2 sources domain
join works, other things equal.
Also, I'm pretty certain that I'm not just meeting but even exceeding
the software requirements stated in the wiki.
I think that I'm trying beta4 next. If that doesn't work, then beta3.
I'll report back when I'll see.
Pekka
On 9.8.2012 15:46, Ricky Nance wrote:
> The pre-compiled version likely had all the headers it needed already,
> so there is a chance you don't have something you need on the git
> version. Please check
> https://wiki.samba.org/index.php/Samba_4_OS_Requirements#Debian_or_Ubuntu and
> make sure all the packages listed there are installed, redo ./configure
> make and make install if any are missing and then retry the join.
>
> Ricky
>
> On Thu, Aug 9, 2012 at 6:34 AM, Pekka L.J. Jalkanen
> <pekka.jalkanen at vihreat.fi <mailto:pekka.jalkanen at vihreat.fi>> wrote:
>
> I tried again with another test box that has a newer operating system
> (Debian Wheezy instead of Squeeze), and thus newer Python.
>
> I also tried upgrading to Samba 4.0.0beta6-GIT-d799b25, but to no avail:
> still the same error.
>
>
> Pekka L.J. Jalkanen
>
> On 8.8.2012 18:17, Pekka L.J. Jalkanen wrote:
> > I previously tried to use Debian packages (see my previous report at
> > https://lists.samba.org/archive/samba-technical/2012-July/085301.html)
> > to join a domain as a DC, but as they turned out to be buggy, and only
> > supported ntvfs, I compiled beta5 by myself.
> >
> > However with the Debian-distributed beta2 the join itself worked, but
> > now it does not:
> >
> > root at samba4dc:/usr/local/samba# bin/samba-tool domain join
> mydomain.site
> > DC -Uadministrator at MYDOMAIN.SITE --realm=mydomain.site
> > Finding a writeable DC for domain 'mydomain.site'
> > Found DC win2003r2dc.mydomain.site
> > Password for [administrator at MYDOMAIN.SITE]:
> > workgroup is MYDOMAIN
> > realm is mydomain.site
> > checking sAMAccountName
> > Adding CN=SAMBA4DC,OU=Domain Controllers,DC=mydomain,DC=site
> > Adding
> >
> CN=SAMBA4DC,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=mydomain,DC=site
> > Adding CN=NTDS
> >
> Settings,CN=SAMBA4DC,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=mydomain,DC=site
> > Adding SPNs to CN=SAMBA4DC,OU=Domain Controllers,DC=mydomain,DC=site
> > Setting account password for SAMBA4DC$
> > Enabling account
> > Calling bare provision
> > No IPv6 address will be assigned
> > Provision OK for domain DN DC=mydomain,DC=site
> > Starting replication
> > Schema-DN[CN=Schema,CN=Configuration,DC=mydomain,DC=site] objects[402]
> > linked_values[0]
> > Schema-DN[CN=Schema,CN=Configuration,DC=mydomain,DC=site] objects[804]
> > linked_values[0]
> > Schema-DN[CN=Schema,CN=Configuration,DC=mydomain,DC=site]
> objects[1206]
> > linked_values[0]
> > Schema-DN[CN=Schema,CN=Configuration,DC=mydomain,DC=site]
> objects[1376]
> > linked_values[0]
> > Analyze and apply schema objects
> > Partition[CN=Configuration,DC=mydomain,DC=site] objects[402]
> > linked_values[0]
> > Partition[CN=Configuration,DC=mydomain,DC=site] objects[804]
> > linked_values[0]
> > Partition[CN=Configuration,DC=mydomain,DC=site] objects[1206]
> > linked_values[0]
> > Partition[CN=Configuration,DC=mydomain,DC=site] objects[1548]
> > linked_values[0]
> > Replicating critical objects from the base DN of the domain
> > Partition[DC=mydomain,DC=site] objects[95] linked_values[0]
> > Partition[DC=mydomain,DC=site] objects[396] linked_values[0]
> > Partition[DC=mydomain,DC=site] objects[454] linked_values[0]
> > Join failed - cleaning up
> > checking sAMAccountName
> > Deleted CN=SAMBA4DC,OU=Domain Controllers,DC=mydomain,DC=site
> > Deleted CN=NTDS
> >
> Settings,CN=SAMBA4DC,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=mydomain,DC=site
> > Deleted
> >
> CN=SAMBA4DC,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=mydomain,DC=site
> > ERROR(runtime): uncaught exception - (8439, 'WERR_DS_DRA_BAD_DN')
> > File
> >
> "/usr/local/samba/lib/python2.6/site-packages/samba/netcmd/__init__.py",
> > line 160, in _run
> > return self.run(*args, **kwargs)
> > File
> > "/usr/local/samba/lib/python2.6/site-packages/samba/netcmd/domain.py",
> > line 256, in run
> > machinepass=machinepass, use_ntvfs=use_ntvfs,
> dns_backend=dns_backend)
> > File "/usr/local/samba/lib/python2.6/site-packages/samba/join.py",
> > line 1053, in join_DC
> > ctx.do_join()
> > File "/usr/local/samba/lib/python2.6/site-packages/samba/join.py",
> > line 958, in do_join
> > ctx.join_replicate()
> > File "/usr/local/samba/lib/python2.6/site-packages/samba/join.py",
> > line 741, in join_replicate
> > replica_flags=ctx.replica_flags)
> > File
> > "/usr/local/samba/lib/python2.6/site-packages/samba/drs_utils.py",
> line
> > 248, in replicate
> > (level, ctr) = self.drs.DsGetNCChanges(self.drs_handle,
> req_level, req)
> >
> > Any help in resolving this would be greatly appreciated. I could
> try the
> > latest version from git, if the more experienced people here
> suggest me
> > to do that, but I would first like to confirm that I'm not having any
> > fundamentals wrong.
> >
> >
> > Pekka L.J. Jalkanen
>
>
>
>
>
> --
>
>
--
Pekka L.J. Jalkanen, pekka.jalkanen at vihreat.fi, +358-44-5510534
Vihreät / De Gröna, http://www.vihreat.fi/
More information about the samba-technical
mailing list