Cannot join as secondary DC - samba 4.2.2 - <bug?>

Rowland Penny repenny241155 at gmail.com
Sun Jun 7 02:52:06 MDT 2015


On 07/06/15 02:53, bogdan_bartos wrote:
> I am trying to joing an existing samba 4 DC and it's giving me an error:
>
> [root at backupdc bin]# host -t A FILESERVER.specified.ca
> FILESERVER.specified.ca has address 192.168.100.253
>
> [root at backupdc bin]# cat /etc/krb5.conf
> [libdefaults]
>      dns_lookup_realm = true

This should be:         dns_lookup_realm = false

>      dns_lookup_kdc = true
>      default_realm = FILESERVER.SPECIFIED.CA
>
> [root at backupdc bin]# kinit
> Password for administrator at FILESERVER.SPECIFIED.CA:
> Warning: Your password will expire in 41 days on Sat 18 Jul 2015 01:58:01 PM
> MDT
>
> [root at backupdc bin]# klist
> Ticket cache: FILE:/tmp/krb5cc_0
> Default principal: administrator at FILESERVER.SPECIFIED.CA
>
> Valid starting     Expires            Service principal
> 06/06/15 15:42:02  07/06/15 01:42:02
> krbtgt/FILESERVER.SPECIFIED.CA at FILESERVER.SPECIFIED.CA
>          renew until 07/06/15 15:41:59
>
> [root at backupdc bin]# ./samba-tool domain join fileserver.specified.ca DC
> -Uadministrator --realm=fileserver.specified.ca

You should be giving the realm name in UPPERCASE

If you run : 'samba-tool domain join --help'
You will find :  --realm=REALM       set the realm name

Try the two small changes and see how you go on.

Rowland

> Finding a writeable DC for domain 'fileserver.specified.ca'
> ERROR(exception): uncaught exception - Failed to find a writeable DC for
> domain 'fileserver.specified.ca'
>    File
> "/usr/local/samba/lib64/python2.7/site-packages/samba/netcmd/__init__.py",
> line 175, in _run
>      return self.run(*args, **kwargs)
>    File
> "/usr/local/samba/lib64/python2.7/site-packages/samba/netcmd/domain.py",
> line 613, in run
>      machinepass=machinepass, use_ntvfs=use_ntvfs, dns_backend=dns_backend)
>    File "/usr/local/samba/lib64/python2.7/site-packages/samba/join.py", line
> 1161, in join_DC
>      machinepass, use_ntvfs, dns_backend, promote_existing)
>    File "/usr/local/samba/lib64/python2.7/site-packages/samba/join.py", line
> 79, in __init__
>      ctx.server = ctx.find_dc(domain)
>    File "/usr/local/samba/lib64/python2.7/site-packages/samba/join.py", line
> 267, in find_dc
>      raise Exception("Failed to find a writeable DC for domain '%s'" %
> domain)
>
> [root at backupdc bin]# ./samba-tool dns query fileserver
> fileserver.specified.ca f
> ileserver.specified.ca ALL
>    Name=, Records=3, Children=0
>      SOA: serial=22, refresh=900, retry=600, expire=86400, minttl=0,
> ns=fileserve
> r.fileserver.specified.ca., email=hostmaster.fileserver.specified.ca.
> (flags=600
> 000f0, serial=22, ttl=3600)
>      NS: fileserver.fileserver.specified.ca. (flags=600000f0, serial=110,
> ttl=900
> )
>      A: 192.168.100.253 (flags=600000f0, serial=110, ttl=900)
>    Name=_msdcs, Records=0, Children=0
>    Name=_sites, Records=0, Children=1
>    Name=_tcp, Records=0, Children=4
>    Name=_udp, Records=0, Children=2
>
> This happens on samba 4.22. What do you sugest? I have extended acls on the
> xfs filesystem.
>
> [root at backupdc ~]# cat /etc/fstab
>
> #
> # /etc/fstab
> # Created by anaconda on Sun May 31 09:34:12 2015
> #
> # Accessible filesystems, by reference, are maintained under '/dev/disk'
> # See man pages fstab(5), findfs(8), mount(8) and/or blkid(8) for more info
> #
> /dev/mapper/fedora-root /                       xfs
> user_xattr,acl,barrier=1          1 1
> UUID=75d1dec5-5499-4985-835b-3cd66e22f944 /boot                   ext4
> defaults        1 2
> /dev/mapper/fedora-swap swap                    swap    defaults        0 0
>
>
>
>
>
> --
> View this message in context: http://samba.2283325.n4.nabble.com/Cannot-join-as-secondary-DC-samba-4-2-2-bug-tp4686826.html
> Sent from the Samba - samba-technical mailing list archive at Nabble.com.



More information about the samba-technical mailing list