domain join as DC fails with beta5: 'WERR_DS_DRA_BAD_DN'
Pekka L.J. Jalkanen
pekka.jalkanen at vihreat.fi
Thu Aug 9 07:58:15 MDT 2012
OK, beta2 does work, but beta4 doesn't, and interestingly enough, I
can't compile beta3 at all:
[ 825/3792] Compiling source4/dsdb/samdb/ldb_modules/linked_attributes.c
../source4/dsdb/samdb/ldb_modules/linked_attributes.c: In function
‘handle_verify_name_control’:
../source4/dsdb/samdb/ldb_modules/linked_attributes.c:97:12: error:
dereferencing pointer to incomplete type
../source4/dsdb/samdb/ldb_modules/linked_attributes.c:97:40: error:
dereferencing pointer to incomplete type
../source4/dsdb/samdb/ldb_modules/linked_attributes.c:111:11: error:
dereferencing pointer to incomplete type
../source4/dsdb/samdb/ldb_modules/linked_attributes.c:112:44: error:
dereferencing pointer to incomplete type
../source4/dsdb/samdb/ldb_modules/linked_attributes.c: In function
‘linked_attributes_add’:
../source4/dsdb/samdb/ldb_modules/linked_attributes.c:258:41: error:
‘LDB_CONTROL_VERIFY_NAME_OID’ undeclared (first use in this function)
../source4/dsdb/samdb/ldb_modules/linked_attributes.c:258:41: note: each
undeclared identifier is reported only once for each function it appears in
../source4/dsdb/samdb/ldb_modules/linked_attributes.c: In function
‘linked_attributes_modify’:
../source4/dsdb/samdb/ldb_modules/linked_attributes.c:495:41: error:
‘LDB_CONTROL_VERIFY_NAME_OID’ undeclared (first use in this function)
../source4/dsdb/samdb/ldb_modules/linked_attributes.c: In function
‘linked_attributes_ldb_init’:
../source4/dsdb/samdb/ldb_modules/linked_attributes.c:1168:41: error:
‘LDB_CONTROL_VERIFY_NAME_OID’ undeclared (first use in this function)
Waf: Leaving directory `/home/pekkajal/src/samba-master/bin'
Build failed: -> task failed (err #1):
{task: cc linked_attributes.c -> linked_attributes_57.o}
make: *** [all] Error 1
So the problem lies somewhere between beta2 and beta4.
Pekka
On 9.8.2012 15:57, Pekka L.J. Jalkanen wrote:
> I doubt. I just finished testing with self-compiled beta2 (I was just
> about to post to the list about that), just to compare it to the
> pre-compiled version... and surprise surprise, with beta2 sources domain
> join works, other things equal.
>
> Also, I'm pretty certain that I'm not just meeting but even exceeding
> the software requirements stated in the wiki.
>
> I think that I'm trying beta4 next. If that doesn't work, then beta3.
> I'll report back when I'll see.
>
>
> Pekka
>
> On 9.8.2012 15:46, Ricky Nance wrote:
>> The pre-compiled version likely had all the headers it needed already,
>> so there is a chance you don't have something you need on the git
>> version. Please check
>> https://wiki.samba.org/index.php/Samba_4_OS_Requirements#Debian_or_Ubuntu and
>> make sure all the packages listed there are installed, redo ./configure
>> make and make install if any are missing and then retry the join.
>>
>> Ricky
>>
>> On Thu, Aug 9, 2012 at 6:34 AM, Pekka L.J. Jalkanen
>> <pekka.jalkanen at vihreat.fi <mailto:pekka.jalkanen at vihreat.fi>> wrote:
>>
>> I tried again with another test box that has a newer operating system
>> (Debian Wheezy instead of Squeeze), and thus newer Python.
>>
>> I also tried upgrading to Samba 4.0.0beta6-GIT-d799b25, but to no avail:
>> still the same error.
>>
>>
>> Pekka L.J. Jalkanen
>>
>> On 8.8.2012 18:17, Pekka L.J. Jalkanen wrote:
>> > I previously tried to use Debian packages (see my previous report at
>> > https://lists.samba.org/archive/samba-technical/2012-July/085301.html)
>> > to join a domain as a DC, but as they turned out to be buggy, and only
>> > supported ntvfs, I compiled beta5 by myself.
>> >
>> > However with the Debian-distributed beta2 the join itself worked, but
>> > now it does not:
>> >
>> > root at samba4dc:/usr/local/samba# bin/samba-tool domain join
>> mydomain.site
>> > DC -Uadministrator at MYDOMAIN.SITE --realm=mydomain.site
>> > Finding a writeable DC for domain 'mydomain.site'
>> > Found DC win2003r2dc.mydomain.site
>> > Password for [administrator at MYDOMAIN.SITE]:
>> > workgroup is MYDOMAIN
>> > realm is mydomain.site
>> > checking sAMAccountName
>> > Adding CN=SAMBA4DC,OU=Domain Controllers,DC=mydomain,DC=site
>> > Adding
>> >
>> CN=SAMBA4DC,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=mydomain,DC=site
>> > Adding CN=NTDS
>> >
>> Settings,CN=SAMBA4DC,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=mydomain,DC=site
>> > Adding SPNs to CN=SAMBA4DC,OU=Domain Controllers,DC=mydomain,DC=site
>> > Setting account password for SAMBA4DC$
>> > Enabling account
>> > Calling bare provision
>> > No IPv6 address will be assigned
>> > Provision OK for domain DN DC=mydomain,DC=site
>> > Starting replication
>> > Schema-DN[CN=Schema,CN=Configuration,DC=mydomain,DC=site] objects[402]
>> > linked_values[0]
>> > Schema-DN[CN=Schema,CN=Configuration,DC=mydomain,DC=site] objects[804]
>> > linked_values[0]
>> > Schema-DN[CN=Schema,CN=Configuration,DC=mydomain,DC=site]
>> objects[1206]
>> > linked_values[0]
>> > Schema-DN[CN=Schema,CN=Configuration,DC=mydomain,DC=site]
>> objects[1376]
>> > linked_values[0]
>> > Analyze and apply schema objects
>> > Partition[CN=Configuration,DC=mydomain,DC=site] objects[402]
>> > linked_values[0]
>> > Partition[CN=Configuration,DC=mydomain,DC=site] objects[804]
>> > linked_values[0]
>> > Partition[CN=Configuration,DC=mydomain,DC=site] objects[1206]
>> > linked_values[0]
>> > Partition[CN=Configuration,DC=mydomain,DC=site] objects[1548]
>> > linked_values[0]
>> > Replicating critical objects from the base DN of the domain
>> > Partition[DC=mydomain,DC=site] objects[95] linked_values[0]
>> > Partition[DC=mydomain,DC=site] objects[396] linked_values[0]
>> > Partition[DC=mydomain,DC=site] objects[454] linked_values[0]
>> > Join failed - cleaning up
>> > checking sAMAccountName
>> > Deleted CN=SAMBA4DC,OU=Domain Controllers,DC=mydomain,DC=site
>> > Deleted CN=NTDS
>> >
>> Settings,CN=SAMBA4DC,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=mydomain,DC=site
>> > Deleted
>> >
>> CN=SAMBA4DC,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=mydomain,DC=site
>> > ERROR(runtime): uncaught exception - (8439, 'WERR_DS_DRA_BAD_DN')
>> > File
>> >
>> "/usr/local/samba/lib/python2.6/site-packages/samba/netcmd/__init__.py",
>> > line 160, in _run
>> > return self.run(*args, **kwargs)
>> > File
>> > "/usr/local/samba/lib/python2.6/site-packages/samba/netcmd/domain.py",
>> > line 256, in run
>> > machinepass=machinepass, use_ntvfs=use_ntvfs,
>> dns_backend=dns_backend)
>> > File "/usr/local/samba/lib/python2.6/site-packages/samba/join.py",
>> > line 1053, in join_DC
>> > ctx.do_join()
>> > File "/usr/local/samba/lib/python2.6/site-packages/samba/join.py",
>> > line 958, in do_join
>> > ctx.join_replicate()
>> > File "/usr/local/samba/lib/python2.6/site-packages/samba/join.py",
>> > line 741, in join_replicate
>> > replica_flags=ctx.replica_flags)
>> > File
>> > "/usr/local/samba/lib/python2.6/site-packages/samba/drs_utils.py",
>> line
>> > 248, in replicate
>> > (level, ctr) = self.drs.DsGetNCChanges(self.drs_handle,
>> req_level, req)
>> >
>> > Any help in resolving this would be greatly appreciated. I could
>> try the
>> > latest version from git, if the more experienced people here
>> suggest me
>> > to do that, but I would first like to confirm that I'm not having any
>> > fundamentals wrong.
>> >
>> >
>> > Pekka L.J. Jalkanen
>>
>>
>>
>>
>>
>> --
>>
>>
>
>
--
Pekka L.J. Jalkanen, pekka.jalkanen at vihreat.fi, +358-44-5510534
Vihreät / De Gröna, http://www.vihreat.fi/
More information about the samba-technical
mailing list