[Samba] Cannot Join Existing Windows 2003 Domain
Andrew Bartlett
abartlet at samba.org
Tue Dec 25 14:28:54 MST 2012
On Tue, 2012-12-25 at 14:06 -0500, Larry Aaronson wrote:
> Trying to add a new samba 4 domain controller to an existing Windows
> 2003 domain. There are two existing domain controllers:
> dc1.home.aaronson.com and dc2.home.aaronson.com. As you can see below,
> samba 4 dies during the join. I am stumped. Dcdiag throws no errors on
> the existing controllers. Any ideas/
> Refusing to replicate
> DC=DomainDnsZones\0ADEL:accca481-ed86-4259-bcf2-fe5adebd7676,DC=home,DC=aaronson,DC=com
> from a read-only repilca into a read-write replica!
> Failed to convert object
> DC=DomainDnsZones\0ADEL:accca481-ed86-4259-bcf2-fe5adebd7676,DC=home,DC=aaronson,DC=com:
>
> WERR_DS_DRA_SOURCE_IS_PARTIAL_REPLICA
> Failed to convert objects: WERR_DS_DRA_SOURCE_IS_PARTIAL_REPLICA
So, what is happening here is that the DC you are joining is not the
full DNS server for the domain, but it may well be a global catalog.
We had an issue a few months back where somehow we replicated back in
data from a server that marked it's partition as being a global catalog,
and we had terrible trouble recovering the domain.
So, we put in this assertion that we just won't do this.
What we should do is find the DC that does have this information, and
replicate from there, but I've not added that complexity yet.
In the short term, to try things out, make both your DCs DNS servers,
and try again, and file a bug so we don't forget to look into DNS
partition replication some more.
Andrew Bartlett
--
Andrew Bartlett http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
More information about the samba
mailing list