[Samba] Samba4 - Corrupted group caused stop of replication - "Object class violation"
Olivier BILHAUT
obilhaut at fondation-misericorde.fr
Mon Feb 9 02:04:16 MST 2015
Hi Andrew,
Thanks for your reply.
We tried successfully the
--full-sync option from first to second DC. Unfortunately, afterwards
the second DC was still in a corrupted state. The "Deleted Objects"
still contained the ugly groups with the missing attribute...
So we
achieved to get a successfull replication after editing the "deleted
objects" with ldbedit. We have deleted the two corrupted groups from
this branch and it started to replicate again...
Many thanks for your
help anyway !
Cheers.
--
Olivier BILHAUT
Le 2015-02-08 20:00,
samba-request at lists.samba.org a écrit :
> Send samba mailing list
submissions to
> samba at lists.samba.org
>
> To subscribe or unsubscribe
via the World Wide Web, visit
>
https://lists.samba.org/mailman/listinfo/samba [4]
> or, via email, send
a message with subject or body 'help' to
>
samba-request at lists.samba.org
>
> You can reach the person managing the
list at
> samba-owner at lists.samba.org
>
> When replying, please edit
your Subject line so it is more specific
> than "Re: Contents of samba
digest..."
>
> Today's Topics:
>
> 1. Re: Did you get my previous
email? Not Spam. (Rowland Penny)
> 2. ERROR_DNS_UPDATE_FAILED and
NT_STATUS_UNSUCCESSFUL
> (Bob of Donelson Trophy)
> 3. Hide lost+found
(Ed Russell)
> 4. smbclient works with IP address but not hostname
(Graeme Russ)
> 5. Re: Did you get my previous email? Not Spam. (Jason
Long)
> 6. Re: Samba4 - Corrupted group caused stop of replication -
>
"Object class violation" (Andrew Bartlett)
> 7. Re: Did you get my
previous email? Not Spam. (Rowland Penny)
> 8. Re:
ERROR_DNS_UPDATE_FAILED and NT_STATUS_UNSUCCESSFUL
> (Rowland Penny)
>
9. Re: ERROR_DNS_UPDATE_FAILED and NT_STATUS_UNSUCCESSFUL (buhorojo)
>
10. Re: ERROR_DNS_UPDATE_FAILED and NT_STATUS_UNSUCCESSFUL
> (Rowland
Penny)
> 11. Re: ERROR_DNS_UPDATE_FAILED and NT_STATUS_UNSUCCESSFUL
>
(Bob of Donelson Trophy)
> 12. Re: ERROR_DNS_UPDATE_FAILED and
NT_STATUS_UNSUCCESSFUL
> (Bob of Donelson Trophy)
> 13. Re:
ERROR_DNS_UPDATE_FAILED and NT_STATUS_UNSUCCESSFUL
> (Rowland Penny)
>
14. https://download.samba.org/pub/samba/ [2] is broken ?
> (Nico
Kadel-Garcia)
>
> Content-Transfer-Encoding: 7bit
> From: Rowland Penny
<rowlandpenny at googlemail.com>
> Precedence: list
> MIME-Version: 1.0
>
To: sambalist <samba at lists.samba.org>
> References:
<54D1E1B3.4090709 at googlemail.com>
>
<242229566.712515.1423294022195.JavaMail.yahoo at mail.yahoo.com>
>
In-Reply-To:
<242229566.712515.1423294022195.JavaMail.yahoo at mail.yahoo.com>
> Date:
Sat, 07 Feb 2015 09:17:35 +0000
> Message-ID:
<54D5D82F.8030108 at googlemail.com>
> Content-Type: text/plain;
charset=utf-8; format=flowed
> Subject: Re: [Samba] Did you get my
previous email? Not Spam.
> Message: 1
>
> On 07/02/15 07:27, Jason
Long wrote:
>
>> Thanks. I removed likewiseopen and if you remember, I
installed CentOS 7. My AD not show any "uidNumber" or "gidNumber" and
tell me "Not set". The problem is that I can't login to Linux via AD
user and is it for "uidnumber" ? Tnx. On Wednesday, February 4, 2015
1:09 AM, Rowland Penny <rowlandpenny at googlemail.com> wrote: On 04/02/15
06:11, Jason Long wrote:
>>
>>> Thanks. You right, It tell me that
"Uid not set", But is Uid my problem? I can't login to system with AD
because of "uid"? If yes, Why I can login to system via Likewise ?
>>
Firstly, please stop sending posts directly to me, send them to the
list, I am not your personal advisor ! You have been advised to remove
likewiseopen, if you haven't done this yet, please remove it, once it is
removed, start giving your users a uidNumber with the ADUC
UNIX_Attributes tab, also give 'Domain Users' a gidNumber. Rowland
>
>
OK, you probably have something like this in smb.conf:
>
> idmap config
EXAMPLE : backend = ad
> idmap config EXAMPLE : range = 10000-999999
>
idmap config EXAMPLE : schema_mode = rfc2307
>
> Where 'EXAMPLE' will
be your domain name and '10000-999999' is your range.
>
> If you do not
want to add 'uidNumber' & 'gidNumber' attributes to AD,
> change the 3
lines to this:
>
> idmap config EXAMPLE : backend = rid
> idmap config
EXAMPLE : range = 10000-999999
>
> Restart samba services and the ID
numbers will be allocated for you.
>
> Rowland
>
>
Content-Transfer-Encoding: 7bit
> From: Bob of Donelson Trophy
<bob at donelsontrophy.net>
> Precedence: list
> MIME-Version: 1.0
> To:
SAMBA MailList <samba at lists.samba.org>
> Date: Fri, 06 Feb 2015 12:45:20
-0600
> Reply-To: bob at donelsontrophy.net
> Message-ID:
<0bf13972bd5357f87883247c5e3e18bf at donelsontrophy.net>
> Content-Type:
text/plain
> Subject: [Samba]
=?utf-8?q?ERROR=5FDNS=5FUPDATE=5FFAILED_and_NT=5FSTATUS?=
>
=?utf-8?q?=5FUNSUCCESSFUL?=
> Message: 2
>
> I have been struggling
with getting a member server to join my domain.
> Thanks to testing and
using a VM, I can get the test member server to
> join my domain. The
member server on "real hardware" cannot join, well
> sort of.
>
> When
I "join", I get:
>
> net ads join -U Administrator
> Enter
Administrator's password:
> Using short domain name -- DTS***M
> Joined
'DTMBR01' to dns domain 'dts***m.lan'
> DNS Update for
dtmember01.dts***m.lan failed: ERROR_DNS_UPDATE_FAILED
> DNS update
failed: NT_STATUS_UNSUCCESSFUL
>
> And when I "leave", I get:
>
>
net ads leave -U Administrator
> Enter Administrator's password:
>
Deleted account for 'DTMBR01' in realm 'DTS***M.LAN'
>
> So, I look
for what where?
> --
>
> -------------------------
>
> Bob Wooden of
Donelson Trophy
>
> 615.885.2846 (main)
> www.donelsontrophy.com [1]
>
> "Everyone deserves an award!!"
>
> Links:
> ------
> [1]
http://www.donelsontrophy.com [1]
>
> Content-Transfer-Encoding:
quoted-printable
> From: Ed Russell <erussell at ifbqsr.com>
> Precedence:
list
> MIME-Version: 1.0
> To: "samba at lists.samba.org"
<samba at lists.samba.org>
> Date: Sun, 8 Feb 2015 04:19:23 +0000
>
Message-ID:
<ec63c0059ff74204ad5b180d35fd2d50 at MBX04C-ORD1.mex06.mlsrvr.com>
>
Content-Type: text/plain; charset="iso-8859-1"
> Subject: [Samba] Hide
lost+found
> Message: 3
>
> For some reason adding:
>
> hide files =3D
/lost+found/
>
> In either my global section or share section does not
hide lost+found.=A0 I=
> t did work at some point, but has now
stopped.
>
> I am running Samba 4.1.16.=A0 I am sure it is something
incredibly simple.
>
> Content-Transfer-Encoding: 7bit
> From: Graeme
Russ <gruss at tss-engineering.com>
> Precedence: list
> MIME-Version:
1.0
> To: samba at lists.samba.org
> Date: Sun, 08 Feb 2015 16:53:36
+1100
> Reply-To: gruss at tss-engineering.com
> Message-ID:
<54D6F9E0.5040706 at tss-engineering.com>
> Content-Type: text/plain;
charset=utf-8; format=flowed
> Subject: [Samba] smbclient works with IP
address but not hostname
> Message: 4
>
> Hi All,
>
> I've configured
a Fedora 20 server with samba to share a few user
> directories and a
printer.
>
> From a Windows 8 laptop, I am able to address the samba
server by it's
> name (fs1)
>
> From a Fedora 20 client (ws1), I am
able to address the samba server by
> IP address, but not by name.
>
>
[gruss at ws1 ~]$ smbclient --version
> Version 4.1.15
>
> [gruss at ws1 ~]$
smbclient -L 192.168.1.10
> Enter gruss's password:
> Domain=[TSSENG]
OS=[Unix] Server=[Samba 4.1.15]
>
> Sharename Type Comment
> ---------
---- -------
> homes Disk Home Directories
> gruss Disk
> dnla Disk
>
charlee Disk
> IPC$ IPC IPC Service (Samba Server Version 4.1.15)
>
MFCJ5320DW Printer MFCJ5320DW
> Domain=[TSSENG] OS=[Unix] Server=[Samba
4.1.15]
>
> Server Comment
> --------- -------
> FS1 Samba Server
Version 4.1.15
> WS1 Samba Server Version 4.1.15
>
> Workgroup Master
>
--------- -------
> TSSENG FS1
> WORKGROUP CREEPYCONNORS
>
> [gruss at ws1
~]$ smbclient -L fs1
> Enter gruss's password:
> protocol negotiation
failed: NT_STATUS_INVALID_NETWORK_RESPONSE
>
> The server is able to
fully resolve ws1. I had to first start the nmb
> service on ws1
with:
>
> [root at ws1 gruss]# systemctl start nmb.service
> [root at ws1
gruss]# systemctl enable nmb.service
>
> [root at fs1 samba]# nmblookup
--version
> Version 4.1.15
>
> [root at fs1 samba]# nmblookup ws1
>
192.168.1.209 ws1<00>
>
> And the creepyconnors laptop:
>
> [root at fs1
samba]# nmblookup creepyconnors
> 192.168.1.211 creepyconnors<00>
>
>
Here are the outputs from testparm:
>
> [root at fs1 samba]# testparm
>
Load smb config files from /etc/samba/smb.conf
> rlimit_max: increasing
rlimit_max (1024) to minimum Windows limit (16384)
> Processing section
"[homes]"
> Processing section "[printers]"
> Processing section
"[gruss]"
> Processing section "[dnla]"
> Processing section
"[charlee]"
> Loaded services file OK.
> Server role: ROLE_STANDALONE
>
Press enter to see a dump of your service definitions
>
> [global]
>
workgroup = TSSENG
> server string = Samba Server Version %v
>
interfaces = lo, em1, 192.168.1.10/24
> guest account = dlna
> log file
= /var/log/samba/log.%m
> max log size = 50
> printcap name = cups
>
preferred master = Yes
> idmap config * : backend = tdb
> guest ok =
Yes
> hosts allow = 127.0.0.1, 192.168.1.0/255.255.255.0
> cups options
= raw
>
> [homes]
> comment = Home Directories
> read only = No
>
>
[printers]
> comment = All Printers
> path = /var/spool/samba
>
printable = Yes
> print ok = Yes
> browseable = No
>
> [gruss]
> path =
/home/gruss
> valid users = gruss
> read only = No
>
> [dnla]
> path =
/home/dlna
> read only = No
>
> [charlee]
> path = /home/charlee
>
valid users = charlee
> read only = No
>
> [root at ws1 gruss]# testparm
>
Load smb config files from /etc/samba/smb.conf
> rlimit_max: increasing
rlimit_max (1024) to minimum Windows limit (16384)
> Processing section
"[homes]"
> Processing section "[printers]"
> Loaded services file OK.
>
Server role: ROLE_STANDALONE
> Press enter to see a dump of your service
definitions
>
> [global]
> workgroup = TSSENG
> server string = Samba
Server Version %v
> log file = /var/log/samba/log.%m
> max log size =
50
> idmap config * : backend = tdb
> cups options = raw
>
> [homes]
>
comment = Home Directories
> read only = No
> browseable = No
>
>
[printers]
> comment = All Printers
> path = /var/spool/samba
>
printable = Yes
> print ok = Yes
> browseable = No
>
> Any ideas where
I should start looking?
>
> Regards,
>
> Graeme
>
>
Content-Transfer-Encoding: 7bit
> From: Jason Long
<hack3rcon at yahoo.com>
> Precedence: list
> MIME-Version: 1.0
> To:
Rowland Penny <rowlandpenny at googlemail.com>,
> sambalist
<samba at lists.samba.org>
> References:
<54D5D82F.8030108 at googlemail.com>
> In-Reply-To:
<54D5D82F.8030108 at googlemail.com>
> Date: Sun, 8 Feb 2015 06:51:32 +0000
(UTC)
> Reply-To: Jason Long <hack3rcon at yahoo.com>
> Message-ID:
<781097463.862255.1423378292290.JavaMail.yahoo at mail.yahoo.com>
>
Content-Type: text/plain; charset=UTF-8
> Subject: Re: [Samba] Did you
get my previous email? Not Spam.
> Message: 5
>
> Thanks a lot.
>
>
[root at printmah ~]# getent passwd jason
> jason:*:11303:10513:jason
JASON:/home/JASONDOMAIN/jason:/bin/false
>
> But I can't login to Linux
via AD username and it show me :
>
> Last login: Sun Feb 8 01:48:32
2015
> Could not chdir to home directory /home/JASONDOMAIN/jason: No
such file or directory
>
> I guess it can't create a Home directory for
Each AD user. How can I solve it?
>
> Cheers.
>
> On Saturday,
February 7, 2015 1:17 AM, Rowland Penny <rowlandpenny at googlemail.com>
wrote:
> On 07/02/15 07:27, Jason Long wrote:
>
>> Thanks. I removed
likewiseopen and if you remember, I installed CentOS 7. My AD not show
any "uidNumber" or "gidNumber" and tell me "Not set". The problem is
that I can't login to Linux via AD user and is it for "uidnumber" ? Tnx.
On Wednesday, February 4, 2015 1:09 AM, Rowland Penny
<rowlandpenny at googlemail.com> wrote: On 04/02/15 06:11, Jason Long
wrote:
>>
>>> Thanks. You right, It tell me that "Uid not set", But is
Uid my problem? I can't login to system with AD because of "uid"? If
yes, Why I can login to system via Likewise ?
>> Firstly, please stop
sending posts directly to me, send them to the list, I am not your
personal advisor ! You have been advised to remove likewiseopen, if you
haven't done this yet, please remove it, once it is removed, start
giving your users a uidNumber with the ADUC UNIX_Attributes tab, also
give 'Domain Users' a gidNumber. Rowland
>
> OK, you probably have
something like this in smb.conf:
>
> idmap config EXAMPLE : backend =
ad
> idmap config EXAMPLE : range = 10000-999999
> idmap config EXAMPLE
: schema_mode = rfc2307
>
> Where 'EXAMPLE' will be your domain name
and '10000-999999' is your range.
>
> If you do not want to add
'uidNumber' & 'gidNumber' attributes to AD,
> change the 3 lines to
this:
>
> idmap config EXAMPLE : backend = rid
> idmap config EXAMPLE :
range = 10000-999999
>
> Restart samba services and the ID numbers will
be allocated for you.
>
> Rowland
>
> Content-Transfer-Encoding:
7bit
> From: Andrew Bartlett <abartlet at samba.org>
> Precedence: list
>
MIME-Version: 1.0
> Cc: samba <samba at lists.samba.org>
> To: Olivier
BILHAUT <obilhaut at fondation-misericorde.fr>
> References:
<54f3ed5e7fe98f6c98775fdc7578e2f1 at fondation-misericorde.fr>
>
In-Reply-To:
<54f3ed5e7fe98f6c98775fdc7578e2f1 at fondation-misericorde.fr>
> Date: Sun,
08 Feb 2015 20:53:02 +1300
> Message-ID:
<1423381982.13498.6.camel at jesse>
> Content-Type: text/plain;
charset="UTF-8"
> Subject: Re: [Samba] Samba4 - Corrupted group caused
stop of replication -
> "Object class violation"
> Message: 6
>
> On
Wed, 2015-02-04 at 11:46 +0100, Olivier BILHAUT wrote:
> Hi Samba List!
We are using Samba Version 4.1.12 on two master DC. We've noticed that
a
>
>> o DC. The result of the command : "samba-tool drs showrepl" is
the following : On the first DC, INBOUND NEIGHBORS : Last attempt @ Wed
Feb 4 11:26:41 2015 CET failed, result 58 (WERR_BAD_NET_RESP) 235
consecutive failure(s). On the same DC, log level at 5, we've got the
following errors trying to force replication : The command :
./samba-tool drs replicate FirstDC SecondDC dc=fhm,dc=local The result
in the samba log : ldb: No objectClass found in replPropertyMetaData for
CN=gastroenterologie_sADEL:dd657361-ee30-409c-a8fe-388884a55e6a,CN=Deleted
Objects,DC=fhm,DC=local! [2015/02/04 11:36:37.309435, 0]
../source4/dsdb/repl/replicated_objects.c:783(dsdb_replicated_objects_commit)
Failed to apply records: replmd_replicated_apply_add: error during DRS
repl ADD: replmd_replicated_apply_add: error during DRS repl ADD:
replmd_replicated_apply_add: error during DRS repl ADD:
replmd_replicated_apply_add: error duri: Object class violation
[2015/02/04 11:36:37.310110, 0]
../source4/dsdb/repl/drepl_out_helpers.c:733(dreplsrv_op_pull_source_apply_changes_trigger)
Failed to commit objects:
WERR_GENERAL_FAILURE/NT_STATUS_INVALID_NETWORK_RESPONSE [2015/02/04
11:36:37.310755, 4]
../source4/dsdb/repl/drepl_out_pull.c:178(dreplsrv_pending_op_callback)
dreplsrv_op_pull_source(WERR_BAD_NET_RESP) for DC=fhm,DC=local The
replication works one-way, from FirstDC to SecondDC
>>
>> You need to
force a replication of all objects from FirstDC to SecondDC.
>>
'samba-tool drs replicate --full-sync' should do it.
>>
>>
Content-Transfer-Encoding:
> Rowland Penny <rowlandpenny at googlemail.com>
Precedence: list MIME-Version: 1.0 To: sambalist <samba at lists.samba.org>
References: <54D5D82F.8030108 at googlemail.com>
<781097463.862255.1423378292290.JavaMail.yahoo at mail.yahoo.com>
In-Reply-To:
<781097463.862255.1423378292290.JavaMail.yahoo at mail.yahoo.com> Date:
Sun, 08 Feb 2015 08:48:43 +0000 Message-ID:
<54D722EB.3040206 at googlemail.com> Content-Type: text/plain;
charset=utf-8; format=flowed Subject: Re: [Samba] Did you get my
previous email? Not Spam. Message: 7 On 08/02/15 06:51, Jason Long
wrote: Thanks a lot. [root at printmah ~]# getent passwd jason
jason:*:11303:10513:jason JASON:/home/JASONDOMAIN/jason:/bin/false But I
can't login to Linux via AD username and it show me : Last login: Sun
Feb 8 01:48:32 2015 Could not chdir to home directory
/home/JASONDOMAIN/jason: No such
>
>> ckquote>
>>
>> You actually
have a few problems there and you can fix them this way.
>>
>> Add this
to smb.conf:
>>
>> template shell = /bin/sh
>> template homedir =
/home/%U
>>
>> restart samba
>>
>> Add this to
/etc/pam.d/common-account:
>>
>> session required pam_mkhomedir.so
skel=/etc/skel/ umask=0022
>>
>> and you should be able to login
>>
>>
Rowland
>>
>> Content-Transfer-Encod
> om: Rowland Penny
<rowlandpenny at googlemail.com> Precedence: list MIME-Version: 1.0 To:
samba at lists.samba.org References:
<0bf13972bd5357f87883247c5e3e18bf at donelsontrophy.net> In-Reply-To:
<0bf13972bd5357f87883247c5e3e18bf at donelsontrophy.net> Date: Sun, 08 Feb
2015 08:56:15 +0000 Message-ID: <54D724AF.5070006 at googlemail.com>
Content-Type: text/plain; charset=windows-1252; format=flowed Subject:
Re: [Samba] ERROR_DNS_UPDATE_FAILED and NT_STATUS_UNSUCCESSFUL Message:
8 On 06/02/15 18:45, Bob of Donelson Trophy wrote: I have been
struggling with getting a member server to join my domain. Thanks to
testing and using a VM, I can get the test member server to join my
domain. The member server on "real hardware" cannot join, well sort of.
When I "join", I get: net ads join -U Administrator Enter
Administrator's password: Using short domain name -- DTS***M Joined
'DTMBR01' to dns domain 'dts***m.lan' DNS Upda
>
>> hen I "leave", I
get: net ads leave -U Administrator Enter Administrator's password:
Deleted account for 'DTMBR01' in realm 'DTS***M.LAN' So, I look for what
where?
>>
>> Hi Bob, your machine is actually joining the domain, it
is the dns
>> adding bit that is failing, try joining again and see if
you can connect
>> from another client, if it doesn't, run 'samba-tool
dns add --help' and
>> from this work out how to add the computers dns
records.
>>
>> Rowland
>>
>> Content-Transfer-Encoding: 7bit From:
buhorojo <buhorojo.lcb at gmail.com> Precedence: list MIME-Version: 1.0 To:
samba
> "mailto:samba at lists.samba.org">samba at lists.samba.org>
References: <0bf13972bd5357f87883247c5e3e18bf at donelsontrophy.net>
In-Reply-To: <0bf13972bd5357f87883247c5e3e18bf at donelsontrophy.net> Date:
Sun, 08 Feb 2015 10:21:15 +0100 Message-ID: <54D72A8B.7050009 at gmail.com>
Content-Type: text/plain; charset=windows-1252; format=flowed Subject:
Re: [Samba] ERROR_DNS_UPDATE_FAILED and NT_STATUS_UNSUCCESSFUL Message:
9 On 06/02/15 19:45, Bob of Donelson Trophy wrote: I have been
struggling with getting a member server to join my domain. Thanks to
testing and using a VM, I can get the test member server to join my
domain. The member server on "real hardware" cannot join, well sort of.
When I "join", I get: net ads join -U Administrator Enter
Administrator's password: Using short domain name -- DTS***M Joined
'DTMBR01' to dns domain 'dts***m.lan' DNS Update for
dtmember01.dts***m.lan failed: ERROR_DNS_UPDATE_
>
>> ter
Administrator's password: Deleted account for 'DTMBR01' in realm
'DTS***M.LAN' So, I look for what where?
>>
>> The DC handling the
join does not know the fqdn of the member server. Add:
>> 127.0.0.1
dtmember01.dts***m.lan dtmember01 localhost
>> to /etc/hosts
>> then
rejoin
>>
>> Content-Transfer-Encoding: 7bit From: Rowland Penny
<rowlandpenny at googlemail.com> Precedence: list MIME-Version: 1.0 To:
samba at lists.samba.org References: <0bf13972bd5357f87883247c
>
lsontrophy.net> <54D72A8B.7050009 at gmail.com> In-Reply-To:
<54D72A8B.7050009 at gmail.com> Date: Sun, 08 Feb 2015 09:36:45 +0000
Message-ID: <54D72E2D.5090608 at googlemail.com> Content-Type: text/plain;
charset=windows-1252; format=flowed Subject: Re: [Samba]
ERROR_DNS_UPDATE_FAILED and NT_STATUS_UNSUCCESSFUL Message: 10 On
08/02/15 09:21, buhorojo wrote: On 06/02/15 19:45, Bob of Donelson
Trophy wrote: I have been struggling with getting a member server to
join my domain. Thanks to testing and using a VM, I can get the test
member server to join my domain. The member server on "real hardware"
cannot join, well sort of. When I "join", I get: net ads join -U
Administrator Enter Administrator's password: Using short domain name --
DTS***M Joined 'DTMBR01' to dns domain 'dts***m.lan' DNS Update for
dtmember01.dts***m.lan failed: ERRO
>
>> inistrator Enter
Administrator's password: Deleted account for 'DTMBR01' in realm
'DTS***M.LAN' So, I look for what where? The DC handling the join does
not know the fqdn of the member server. Add: 127.0.0.1
dtmember01.dts***m.lan dtmember01 localhost to /etc/hosts then rejoin
>>
>> DON'T do this, You can check that /etc/hosts has this:
>>
>>
127.0.0.1 localhost
>> <computer ip> dtmember01.dts***m.lan
dtmember01
>>
>> If you do it the way advised, your computer *will*
only reply to '127.0.0.1'
>>
>> Rowland
>>
>>
Content-Transfer-Encoding: 7bit From: Bob of Donelson Trophy
<bob at donelsontrophy.net> Precedence: list MIME-Version: 1.0 To:
samba at lists.samba.org References:
<0bf13972bd5357f87883247c5e3e18bf at donelsontrophy.net> <
>
D72A8B.7050009 at gmail.com> In-Reply-To: <54D72A8B.7050009 at gmail.com>
Date: Sun, 08 Feb 2015 08:15:37 -0600 Reply-To: bob at donelsontrophy.net
Message-ID: <060425f5439c501f6c1704f661fccbe6 at donelsontrophy.net>
Content-Type: text/plain Subject: Re: [Samba]
=?utf-8?q?ERROR=5FDNS=5FUPDATE=5FFAILED_and_NT=5FSTATUS?=
=?utf-8?q?=5FUNSUCCESSFUL?= Message: 11 Never seen this mentioned before
and it did not work. Sorry. --- ------------------------- Bob Wooden of
Donelson Trophy 615.885.2846 (main) www.donelsontrophy.com [1] "Everyone
deserves an award!!" On 2015-02-08 03:21, buhorojo wrote: On 06/02/15
19:45, Bob of Donelson Trophy wrote: I have been struggling with getting
a member server to join my domain. Thanks to testing and using a VM, I
can get the test member server to join my domain. The member server on
"real hardware" cannot join, well sort of. When I "join", I get: net ads
join -U Administrator Enter Administrator's password: Using short domain
name -- DTS***M Joined 'DTMBR01' to dns domain 'dts***m.lan' DNS Update
for dtmember01.dts***m.lan failed: ERROR_DNS_UPDATE_FAILED DNS update
failed: NT_STATUS_UNSUCCESSFUL And when I "leave", I get: net ads leave
-U Administrator Enter Administrator's password: Deleted account for
'DTMBR01' in realm 'DTS***M.LAN' So, I look for what where? The DC
handling the join does not
>
>> then rejoin
>>
>> Links:
>>
------
>> [1] http://www.donelsontrophy.com [1]
>>
>>
Content-Transfer-Encoding: 7bit From: Bob of Donelson Trophy
<bob at donelsontrophy.net> Precedence: list MIME-Version: 1.0 To:
samba at lists.samba.org References:
<0bf13972bd5357f87883247c5e3e18bf at donelsontrophy.net>
<54D724AF.5070006 at googlemail.com> In-Reply-To:
<54D724AF.5070006 at googlemail.com> Date: Sun, 08 Feb 2015 08:20:44 -0600
Reply-To: bob at donelsontrophy.net Message-ID:
<8d7d6a8b3683ca26112993eb24849853 at donelsontrop
> ; Content-Type:
text/plain Subject: Re: [Samba]
=?utf-8?q?ERROR=5FDNS=5FUPDATE=5FFAILED_and_NT=5FSTATUS?=
=?utf-8?q?=5FUNSUCCESSFUL?= Message: 12 Once again, Bob is in 'the land
of unknown bind knowledge.' What type of data am I adding? Shouldn't
dns_update be run when adding the member server? Is this a
"simple-bind-dn"? hum-m-m-m! --- ------------------------- Bob Wooden of
Donelson Trophy 615.885.2846 (main) www.donelsontrophy.com [1] "Everyone
deserves an award!!" On 2015-02-08 02:56, Rowland Penny wrote: On
06/02/15 18:45, Bob of Donelson Trophy wrote: I have been struggling
with getting a member server to join my domain. Thanks to testing and
using a VM, I can get the test member server to join my domain. The
member server on "real hardware" cannot join, well sort of. When I
"join", I get: net ads join -U Administrator Enter Administrator's
password: Using short domain name -- DTS***M Joined 'DTMBR01' to dns
domain 'dts***m.lan' DNS Update for dtmember01.dts***m.lan failed:
ERROR_DNS_UPDATE_FAILED DNS update failed: NT_STATUS_UNSUCCESSFUL And
when I "leave", I get: net ads leave -U Administrator Enter
Administrator's password: Deleted account for 'DTMBR01' in realm
'DTS***M.LAN' So, I look for what where? Hi Bob, your machine is
actually joining the domain, it is the dns adding bit that is failing,
try joining again and see if you can connect from another client, if it
doesn't, run 'samba-tool dns add --help' and from this work out how to
add the computers dns records. Rowland
>
> Links:
> ------
> [1] Once
again, Bob is in 'the land of unknown bind knowledge.' What type of data
am I adding? Shouldn't dns_update be run when adding the member server?
Is this a "simple-bind-dn"? hum-m-m-m! --- ------------------------- Bob
Wooden of Donelson Trophy 615.885.2846 (main) www.donelsontrophy.com [1]
"Everyone deserves an award!!" On 2015-02-08 02:56, Rowland Penny wrote:
On 06/02/15 18:45, Bob of Donelson Trophy wrote: I have been struggling
with getting a member server to join my domain. Thanks to testing and
using a VM, I can get the test member server to join my domain. The
member server on "real hardware" cannot join, well sort of. When I
"join", I get: net ads join -U Administrator Enter Administrator's
password: Using short domain name -- DTS***M Joined 'DTMBR01' to dns
domain 'dts***m.lan' DNS Update for dtmember01.dts***m.lan failed:
ERROR_DNS_UPDATE_FAILED DNS update failed: NT_STATUS_UNSUCCESSFUL And
when I "leave", I get: net ads leave -U Administrator Enter
Administrator's password: Deleted account for 'DTMBR01' in realm
'DTS***M.LAN' So, I look for what where? Hi Bob, your machine is
actually joining the domain, it is the dns adding bit that is failing,
try joining again and see if you can connect from another client, if it
doesn't, run 'samba-tool dns add --help' and from this work out how to
add the computers dns records. Rowland Links: ------ [1]
http://www.donelsontrophy.com [1]
>
> OK, test your member ser>
lt;Member Server FQDN> A Where: <DC FQDN> is the fully qualified domain
name of the DC i.e. DC.example.com <DNS Domain> is the domain name you
are using i.e. example.com <Member Server FQDN> is the fully qualified
domain name of the Member Server i.e. memberserver.example.com If it
isn't there, then add it: samba-tool dns add <DC FQDN> <DNS Domain>
<Member Server FQDN> A <IPaddress> <IPaddress> is the member server
ipaddress i.e. 192.168.0.247 Rowland
>>
>> From: Nico Kadel-Garcia
<nkadel at gmail.com>
>> Precedence: list
>> MIME-Version: 1.0
>> To:
"samba at lists.samba.org" <samba at lists.samba.org>
>> Date: Sun, 8 Feb 2015
09:52:56 -0500
>> Message-ID:
<CAOCN9rz1afFyCtEnOXQ9F40h2-KKJYeuXX1VkdzQdsSPRWr3Ew at mail.gmail.com>
>>
Content-Type: text/plain; charset=UTF-8
>> Subject: [Samba]
https://download.samba.org/pub/samba/ [2] is broken ?
>> Message: 14
>>
>> Looks like https://download.samba.org/pub/samba/ [2] is failing.
Other
>> targets, such as
https://download.samba.org/pub/samba/old-versions/, [3]
>> are
working.
>>
>> It's not a problem for me personally today, I was just
pointing
>> someone to the source tarball and noticed the issue.
>>
>>
_______________________________________________ samba mailing list
>
to:samba at lists.samba.org">samba at lists.samba.org
https://lists.samba.org/mailman/listinfo/samba [4]
Links:
------
[1]
http://www.donelsontrophy.com
[2]
https://download.samba.org/pub/samba/
[3]
https://download.samba.org/pub/samba/old-versions/,
[4]
https://lists.samba.org/mailman/listinfo/samba
More information about the samba
mailing list