[Samba] Error joining Domain - after first try failed

Rowland Penny rowlandpenny at googlemail.com
Tue Mar 25 12:55:47 MDT 2014


On 25/03/14 18:33, Dirk Laurenz (Samba Mailinglist Account) wrote:
> Hello,
>
> no problem, i will provide more information:
>
> First DC - Linux samba01 3.2.0-4-amd64 #1 SMP Debian 3.2.54-2 x86_64
> GNU/Linux
> Samba Sernet Debian Packages - Version 4.1.5-SerNet-Debian-7.wheezy
> Running with bind-dlz
>
> -----------------------------------
> /etc/resolv.conf
> domain local.domain.ws
> nameserver 192.168.2.91
                     ^^^^^^^ Is this the ipaddress of the first samba 
server ?

> nameserver 8.8.8.8
>
> --------------------------------------
> /etc/krb5.conf
> [libdefaults]
>          default_realm = LOCAL.DOMAIN.WS
>          dns_lookup_realm = false
>          dns_lookup_kdc = true
>
> ---------------------------------------
> # Global parameters
> [global]
>          workgroup = DOMAIN
>          realm = LOCAL.DOMAIN.WS
>          netbios name = SAMBA01
>          server role = active directory domain controller
>          dns forwarder = 8.8.8.8
>          allow dns updates = nonsecure
>          idmap_ldb:use rfc2307 = yes
>          server services = -dns
>          client ldap sasl wrapping = sign

I take it that you didn't provision with --dns-backend=BIND9_DLZ, what 
version of bind are you using?

> [netlogon]
>          path = /var/lib/samba/sysvol/local.DOMAIN.ws/scripts
>          read only = No
>
> [sysvol]
>          path = /var/lib/samba/sysvol
>          read only = No
>
> Second DC (which has the problem) - Linux samba02 3.10.33+ #658 PREEMPT Tue
> Mar 18 17:35:55 GMT 2014 armv6l GNU/Linux (aka raspberry pi)
> (selfcompiled) - Version 4.1.6
>
> ./configure --prefix=/usr --localstatedir=/var --sysconfdir=/etc
> --enable-fhs
AH, you know I had exactly the same problem when I compiled on my rpi 
(which actually took a lot longer than it said it would). From your 
first post you created /var/lib/samba/private, I just created 
/var/lib/samba, so it should work, the only difference that I can see, 
is that I then provisioned as a DC, you are trying to join as a DC.
Try altering /etc/resolv.conf to only point to the original DC.

Rowland
> -----------------------------------
> /etc/resolv.conf
> domain local.domain.ws
> nameserver 192.168.2.92
> nameserver 192.168.2.91
> nameserver 8.8.8.8
>
> /etc/krb5.conf and smb.conf will be generated by samba-tool and are not
> existant at the moment
>
>
>
>
> -----Ursprüngliche Nachricht-----
> Von: samba-bounces at lists.samba.org [mailto:samba-bounces at lists.samba.org] Im
> Auftrag von Rowland Penny
> Gesendet: Dienstag, 25. März 2014 13:25
> An: samba at lists.samba.org
> Betreff: Re: [Samba] Error joining Domain - after first try failed
>
> On 25/03/14 12:00, Dirk Domain (Samba Mailinglist Account) wrote:
>> Hello,
>>
>>    
>>
>> i just setup a new samba domain, setting up the second dc failes.
>>
>> I compiled the second dc myself and the first join failed due to a
>> missing directory (var/lib/samba/private)
>>
>> I created it and the called the join command again...
>>
>>    
>>
>> But now the dc seems to exist, but is not visible in domain tools or
>> ldbedit. But I get this message.
>>
>> What entry is meant here?
>>
>>    
>>
>> Is the out put of samba-tool domain join..
>>
>>    
>>
>> Finding a writeable DC for domain 'local.domain.ws'
>>
>> Found DC samba01.local.domain.ws
>>
>> workgroup is DOMAIN
>>
>> realm is local.domain.ws
>>
>> checking sAMAccountName
>>
>> Adding CN=SAMBA02,OU=Domain Controllers,DC=local,DC=domain,DC=ws
>>
>> Join failed - cleaning up
>>
>> checking sAMAccountName
>>
>> ERROR(ldb): uncaught exception - LDAP error 68
>> LDAP_ENTRY_ALREADY_EXISTS -
>> <00002071: ../lib/ldb/ldb_tdb/ldb_index.c:1216: Failed to re-index
>> objectSid in CN=SAMBA02,OU=Domain Controllers,DC=local,DC=domain,DC=ws
>> -
>> ../lib/ldb/ldb_tdb/ldb_index.c:1216: Failed to re-index objectSid in
>> CN=SAMBA02,OU=Domain Controllers,DC=local,DC=domain,DC=ws - ../l> <>
>>
>>     File "/usr/lib/python2.7/dist-packages/samba/netcmd/__init__.py",
>> line 175, in _run
>>
>>       return self.run(*args, **kwargs)
>>
>>     File "/usr/lib/python2.7/dist-packages/samba/netcmd/domain.py",
>> line 552, in run
>>
>>       machinepass=machinepass, use_ntvfs=use_ntvfs,
>> dns_backend=dns_backend)
>>
>>     File "/usr/lib/python2.7/dist-packages/samba/join.py", line 1172,
>> in join_DC
>>
>>       ctx.do_join()
>>
>>     File "/usr/lib/python2.7/dist-packages/samba/join.py", line 1075,
>> in do_join
>>
>>       ctx.join_add_objects()
>>
>>     File "/usr/lib/python2.7/dist-packages/samba/join.py", line 515, in
>> join_add_objects
>>
>>       ctx.samdb.add(rec)
>>
>>    
>>
>> Thanks a lot.
>>
>>    
>>
>>    
>>
>> Dirk
>>
> I think we are going to need a bit more info here:
> Did you compile samba on the first server yourself ?
> what distro's are you using ?
> what version of samba 4 are you using, are you using the same version on
> both machines ?
> contents of /etc/resolv.conf, /etc/krb5.conf, smb.conf from both machines
>
> Rowland
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba
>



More information about the samba mailing list