domain join as DC fails with beta5: 'WERR_DS_DRA_BAD_DN'
Pekka L.J. Jalkanen
pekka.jalkanen at vihreat.fi
Fri Aug 10 06:28:56 MDT 2012
On 10.8.2012 1:37, Andrew Bartlett wrote:
> On Thu, 2012-08-09 at 21:28 +0300, Pekka L.J. Jalkanen wrote:
>> With --dns-backend=NONE the join works now.
>
> Thanks for the feedback, and sorry for the pain.
No problem, really! This pain was nothing comparing to my initial one,
caused entirely by my own stupidity. See the following:
https://lists.samba.org/archive/samba/2012-August/168709.html
https://lists.samba.org/archive/samba/2012-August/168710.html
Since the last night I've left the DC running, since it seems to be
working all right, and I even tested shutting down our Windows DC
without stopping the other AD-bound systems first; authentication
continued to work correctly, and a Samba 3 server configured to use
idmap_ad got correct Unix attributes from AD.
I also made some changes to our OU structure, and localhost-bound
ldapsearch from Samba DC detected them practically immediately. And no
errors in Windows Directory Service log either.
So in general, everything works, thanks to you. And I can hopefully soon
shelve my plan B--that is, bringing in more Windows DCs and upgrading
them to W2k8... :)
Pekka
More information about the samba-technical
mailing list