[Samba] Joining samba4 as a DC to Windows Server 2012 active directory

Matthieu Patou mat at samba.org
Mon Apr 29 22:36:01 MDT 2013

On 04/28/2013 02:57 AM, James-Arthur Eaton Gonzalez wrote:
> Hello all,
> I am attempting to join samba4 to my current domain which is controlled by
> a Windows 2012 Active Directory Server. When following the instructions on
> the official WIKI:
> http://wiki.samba.org/index.php/Samba4/HOWTO/Join_a_domain_as_a_DC
> I am able to do a kinit administrator, which then gives me a ticket which I
> can see via klist.
> The problem is that once I run the command:
> # bin/samba-tool domain join samba.example.com DC -Uadministrator
> --realm=samba.example.com
> It does not work. I get the following error:
> DsAddEntry failed with status (5, 'WERR_ACCESS_DENIED') info (8567,
> Could this be because of the version of AD? I can't find much
> around compatibility of this version of Windows. Any help is greatly
> appreciated.
What is the level of your forest and domain, I suspect that you have a 
2012 Forest and Domain level.

For the moment we don't support this and we still have a schema issue 
with 2012 so you'd better off not using 2012.


Matthieu Patou
Samba Team

More information about the samba mailing list