[Samba] Samba DC join fails - IPv4/IPv6 issue
Ritter, Marcel
marcel.ritter at fau.de
Tue Mar 12 01:22:48 MDT 2013
Hi list,
I just tried to add a second DC to an existing Samba4 domain using samba-tool
(both hosts run latest samba4 git version).
But the join failed, complaining about being unable to find a writeable DC:
root at elektron:~# /opt/samba4/bin/samba-tool domain join linex.r00t.la DC
Finding a writeable DC for domain 'linex.r00t.la'
ERROR(exception): uncaught exception - Failed to find a writeable DC for domain 'linex.r00t.la'
File "/opt/samba4/lib/python2.7/site-packages/samba/netcmd/__init__.py", line 175, in _run
return self.run(*args, **kwargs)
File "/opt/samba4/lib/python2.7/site-packages/samba/netcmd/domain.py", line 552, in run
machinepass=machinepass, use_ntvfs=use_ntvfs, dns_backend=dns_backend)
File "/opt/samba4/lib/python2.7/site-packages/samba/join.py", line 1082, in join_DC
machinepass, use_ntvfs, dns_backend, promote_existing)
File "/opt/samba4/lib/python2.7/site-packages/samba/join.py", line 73, in __init__
ctx.server = ctx.find_dc(domain)
File "/opt/samba4/lib/python2.7/site-packages/samba/join.py", line 246, in find_dc
raise Exception("Failed to find a writeable DC for domain '%s'" % domain)
Looking a little closer, I think the problem is IPv4/IPv6 related:
The existing DC has both IPv4 and IPv6 address (and both are available
via Samba4's internal DNS.
Unfortunately even if the client is configured without IPv6 address (see
further down below) samba-tool still tries to address the DC's LDAP
server via IPv6 - and fails miserably:
root at elektron:~# strace -f -e trace=network /opt/samba4/bin/samba-tool domain join linex.r00t.la DC
<...>
[pid 1640] socket(PF_INET, SOCK_DGRAM|SOCK_NONBLOCK, IPPROTO_IP) = 5
[pid 1640] connect(5, {sa_family=AF_INET, sin_port=htons(53), sin_addr=inet_addr("192.168.1.6")}, 16) = 0
[pid 1640] send(5, "NQ\1\0\0\1\0\0\0\0\0\0\5venus\5linex\4r00t\2la"..., 37, MSG_NOSIGNAL) = 37
[pid 1640] recvfrom(5, "NQ\205\200\0\1\0\1\0\0\0\0\5venus\5linex\4r00t\2la"..., 1500, 0, {sa_family=AF_INET, sin_port=htons(53), sin_addr=inet_addr("192.168.1.6")}, [16]) = 53
Process 1635 suspended
[pid 1640] +++ killed by SIGKILL +++
Process 1635 resumed
--- SIGCHLD (Child exited) @ 0 (0) ---
socket(PF_INET6, SOCK_DGRAM, IPPROTO_IP) = 5
setsockopt(5, SOL_IPV6, IPV6_V6ONLY, [1], 4) = 0
connect(5, {sa_family=AF_INET6, sin6_port=htons(389), inet_pton(AF_INET6, "2001:xxxx:xxxx:xxxx::2", &sin6_addr), sin6_flowinfo=0, sin6_scope_id=0}, 28) = -1 ENETUNREACH (Network is unreachable)
ERROR(exception): uncaught exception - Failed to find a writeable DC for domain 'linex.r00t.la'
File "/opt/samba4/lib/python2.7/site-packages/samba/netcmd/__init__.py", line 175, in _run
return self.run(*args, **kwargs)
File "/opt/samba4/lib/python2.7/site-packages/samba/netcmd/domain.py", line 552, in run
machinepass=machinepass, use_ntvfs=use_ntvfs, dns_backend=dns_backend)
File "/opt/samba4/lib/python2.7/site-packages/samba/join.py", line 1082, in join_DC
machinepass, use_ntvfs, dns_backend, promote_existing)
File "/opt/samba4/lib/python2.7/site-packages/samba/join.py", line 73, in __init__
ctx.server = ctx.find_dc(domain)
File "/opt/samba4/lib/python2.7/site-packages/samba/join.py", line 246, in find_dc
raise Exception("Failed to find a writeable DC for domain '%s'" % domain)
root at elektron:~# ip a s
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 08:00:27:9e:df:48 brd ff:ff:ff:ff:ff:ff
inet 192.168.1.10/24 brd 192.168.1.255 scope global eth0
Maybe someone could fix this?
Thanx,
Marcel
PS: Maybe this mail will make it to the list a second time, it was
blocked due to mail address changes, and is awaiting moderator
approval ... sorry for that
More information about the samba
mailing list