[Samba] Joining DC

Mike Ray mray at xes-inc.com
Sun Aug 4 15:03:42 MDT 2013 

Alex- 

A few things: 

1) Don't run DCs on the same domain with different versions of Samba. Either add in another 4.0.1 DC and replicate, or use the backup tool to create a copy of the database first. 
2) CN=DeletedObjects is hidden by design. You can view it using ldp.exe on a windows box (http://technet.microsoft.com/en-us/library/cc978013.aspx) and a google search will show you where to look for it in ASDIEdit. 
3) In this instance, I see why you are trying to delete this item; in 99% of other cases though, the tombstone policy should take care of removing deleted objects. 

Good luck, 
Mike Ray 

----- Original Message -----

From: "Alex Ferrara" <alex at receptiveit.com.au> 
To: "samba at lists.samba.org List" <samba at lists.samba.org> 
Sent: Sunday, August 4, 2013 3:03:11 PM 
Subject: Re: [Samba] Joining DC 

Does nobody know how to manually remove items from Samba4 directory? I've tried using adsiedit but cn=deleted items doesn't show up. 

Sent from my iPhone 

On 02/08/2013, at 1:58 PM, Alex Ferrara <alex at receptiveit.com.au> wrote: 

> I am having some trouble joining a new samba4 server as a DC. I am pretty sure this stems from trying to use OpenChange and subsequently removing it. The new samba4 machine is running 4.0.7 and the existing is running 4.0.1. I am a little hesitant to do an in-place upgrade of the last working DC, so I wanted a replica to fall back on in case things go bad. 
> 
> Any help would be appreciated. 
> 
> On the new machine 
> 
>> samba-tool domain join domain.local DC -Uadministrator realm=domain.local --dns-backend=BIND9_DLZ 
> 
> Finding a writeable DC for domain 'domain.local' 
> Found DC tachyon.domain.local 
> Password for [DOMAIN\administrator]: 
> workgroup is DOMAIN 
> realm is domain.local 
> checking sAMAccountName 
> Adding CN=NEXUS,OU=Domain Controllers,DC=domain,DC=local 
> Adding CN=NEXUS,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=domain,DC=local 
> Adding CN=NTDS Settings,CN=NEXUS,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=domain,DC=local 
> Adding SPNs to CN=NEXUS,OU=Domain Controllers,DC=domain,DC=local 
> Setting account password for NEXUS$ 
> Enabling account 
> Calling bare provision 
> No IPv6 address will be assigned 
> Provision OK for domain DN DC=domain,DC=local 
> Starting replication 
> Schema-DN[CN=Schema,CN=Configuration,DC=domain,DC=local] objects[402/2620] linked_values[0/0] 
> Schema-DN[CN=Schema,CN=Configuration,DC=domain,DC=local] objects[804/2620] linked_values[0/0] 
> Schema-DN[CN=Schema,CN=Configuration,DC=domain,DC=local] objects[1206/2620] linked_values[0/0] 
> Schema-DN[CN=Schema,CN=Configuration,DC=domain,DC=local] objects[1608/2620] linked_values[0/0] 
> Schema-DN[CN=Schema,CN=Configuration,DC=domain,DC=local] objects[2010/2620] linked_values[0/0] 
> Schema-DN[CN=Schema,CN=Configuration,DC=domain,DC=local] objects[2412/2620] linked_values[0/0] 
> Schema-DN[CN=Schema,CN=Configuration,DC=domain,DC=local] objects[2620/2620] linked_values[0/0] 
> Analyze and apply schema objects 
> Join failed - cleaning up 
> checking sAMAccountName 
> Deleted CN=NEXUS,OU=Domain Controllers,DC=domain,DC=local 
> Deleted CN=NTDS Settings,CN=NEXUS,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=domain,DC=local 
> Deleted CN=NEXUS,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=domain,DC=local 
> ERROR(runtime): uncaught exception - (8442, 'WERR_DS_DRA_INTERNAL_ERROR') 
> File "/usr/lib/python2.7/dist-packages/samba/netcmd/__init__.py", line 175, in _run 
> return self.run(*args, **kwargs) 
> File "/usr/lib/python2.7/dist-packages/samba/netcmd/domain.py", line 552, in run 
> machinepass=machinepass, use_ntvfs=use_ntvfs, dns_backend=dns_backend) 
> File "/usr/lib/python2.7/dist-packages/samba/join.py", line 1104, in join_DC 
> ctx.do_join() 
> File "/usr/lib/python2.7/dist-packages/samba/join.py", line 1009, in do_join 
> ctx.join_replicate() 
> File "/usr/lib/python2.7/dist-packages/samba/join.py", line 734, in join_replicate 
> replica_flags=ctx.replica_flags) 
> File "/usr/lib/python2.7/dist-packages/samba/drs_utils.py", line 248, in replicate 
> (level, ctr) = self.drs.DsGetNCChanges(self.drs_handle, req_level, req) 
> 
> On the existing DC logs 
> 
> [2013/08/02 13:53:04, 0] ../source4/rpc_server/drsuapi/getncchanges.c:220(get_nc_changes_build_object) 
> ../source4/rpc_server/drsuapi/getncchanges.c:220: Failed to find attribute in schema for attrid 2786216 mentioned in replPropertyMetaData of CN=Recipient Update Service (DOMAIN)\0ADEL:cbf078d9-a0ff-4609-a05b-743816af619d,CN=Deleted Objects,CN=Configuration,DC=domain,DC=local 
> 
> Alex Ferrara 
> Director 
> Receptive IT Solutions 
> 
> 
> 
> -- 
> To unsubscribe from this list go to the following URL and read the 
> instructions: https://lists.samba.org/mailman/options/samba 
-- 
To unsubscribe from this list go to the following URL and read the 
instructions: https://lists.samba.org/mailman/options/samba

More information about the samba mailing list