[Samba] [SPAMVERDACHT] Re: Samba4 Join a domain as a DC

Daniel Müller mueller at tropenklinik.de
Fri Jul 10 07:28:21 UTC 2015


Did you made on your 2cnd DC (Linux/Samba4) no provision but: samba-tool domain join Yourdomain DC -Uadministrator --realm=your.realm --dns-backend=BIND9_DLZ (your type of dns)
Output should be ex:

samba-tool domain join tplk.loc DC -Uadministrator --realm=tplk.loc --dns-backend=BIND9_DLZ
Finding a writeable DC for domain 'tplk.loc'
Found DC s4master.tplk.loc
Password for [WORKGROUP\administrator]:
workgroup is TPLK
realm is tplk.loc
checking sAMAccountName
Adding CN=S4SLAVE,OU=Domain Controllers,DC=tplk,DC=loc
Adding CN=S4SLAVE,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=tplk,DC=loc
Adding CN=NTDS Settings,CN=S4SLAVE,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=tplk,DC=loc
Adding SPNs to CN=S4SLAVE,OU=Domain Controllers,DC=tplk,DC=loc
Setting account password for S4SLAVE$
Enabling account
Calling bare provision
No IPv6 address will be assigned
Provision OK for domain DN DC=tplk,DC=loc
Starting replication
Schema-DN[CN=Schema,CN=Configuration,DC=tplk,DC=loc] objects[402/1550] linked_values[0/0]
Schema-DN[CN=Schema,CN=Configuration,DC=tplk,DC=loc] objects[804/1550] linked_values[0/0]
Schema-DN[CN=Schema,CN=Configuration,DC=tplk,DC=loc] objects[1206/1550] linked_values[0/0]
Schema-DN[CN=Schema,CN=Configuration,DC=tplk,DC=loc] objects[1550/1550] linked_values[0/0]
Analyze and apply schema objects
Partition[CN=Configuration,DC=tplk,DC=loc] objects[402/1615] linked_values[0/0]
Partition[CN=Configuration,DC=tplk,DC=loc] objects[804/1615] linked_values[0/0]
Partition[CN=Configuration,DC=tplk,DC=loc] objects[1206/1615] linked_values[0/0]
Partition[CN=Configuration,DC=tplk,DC=loc] objects[1608/1615] linked_values[0/0]
Partition[CN=Configuration,DC=tplk,DC=loc] objects[1615/1615] linked_values[28/0]
Replicating critical objects from the base DN of the domain
Partition[DC=tplk,DC=loc] objects[98/98] linked_values[23/0]
Partition[DC=tplk,DC=loc] objects[365/267] linked_values[23/0]
Done with always replicated NC (base, config, schema)
Replicating DC=DomainDnsZones,DC=tplk,DC=loc
Partition[DC=DomainDnsZones,DC=tplk,DC=loc] objects[43/43] linked_values[0/0]
Replicating DC=ForestDnsZones,DC=tplk,DC=loc
Partition[DC=ForestDnsZones,DC=tplk,DC=loc] objects[18/18] linked_values[0/0]
Partition[DC=ForestDnsZones,DC=tplk,DC=loc] objects[36/18] linked_values[0/0]
Committing SAM database
Sending DsReplicateUpdateRefs for all the replicated partitions
Setting isSynchronized and dsServiceName
Setting up secrets database
Joined domain TPLK (SID S-1-5-21-3992219130-3766839027-700341254) as a DC

And on your windows 2008 you look into your dns if samba is in the zone? If not add the dns entries there.


EDV Daniel Müller

Leitung EDV
Tropenklinik Paul-Lechler-Krankenhaus
Paul-Lechler-Str. 24
72076 Tübingen 
Tel.: 07071/206-463, Fax: 07071/206-499
eMail: mueller at tropenklinik.de
Internet: www.tropenklinik.de 

-----Ursprüngliche Nachricht-----
Von: samba [mailto:samba-bounces at lists.samba.org] Im Auftrag von zorg
Gesendet: Freitag, 10. Juli 2015 08:46
An: samba at lists.samba.org
Betreff: [SPAMVERDACHT] Re: [Samba] Samba4 Join a domain as a DC

Le 09/07/2015 18:20, Rowland Penny a écrit :
> On 09/07/15 17:06, zorg wrote:
>> But If i want my samba4 to be dns after when i ll decide to stop the 
>> other dc
>> can't i keep the to dns
>> Could you explain a bit
>> Le 09/07/2015 17:55, Marc Muehlfeld a écrit :
>>> Hello,
>>> Am 09.07.2015 um 17:04 schrieb zorg:
>>>> following this
>>>> https://wiki.samba.org/index.php/Check_and_fix_DNS_entries_on_DC_jo
>>>> ins
>>>> But i  do
>>>> samba-tool dns add EPSILUM _msdcs.myos.local 
>>>> d4aBdfb0-8937-465a-af2d-d657fgh145ee CNAME smb4.myos.local If have 
>>>> got
>>>>   ERROR(runtime): uncaught exception - (9601,
>>>> ‎ File "/usr/lib/python2.7/dist-packages/samba/netcmd/__init__.py",
>>>> line
>>>> 175, in _run
>>>> ‎ return self.run(*args, **kwargs)
>>>> ‎ File "/usr/lib/python2.7/dist-packages/samba/netcmd/dns.py", line 
>>>> 1070, in run ‎0, server, zone, name, add_rec_buf, None)
>>> During the DC join, have you configured that the new DC should not 
>>> be a DNS? E. g. by # samba-tool domain join ... --dns-backend=NONE 
>>> or did you choose DNS backend=NONE if you used the interactive way?
>>> In that case run this command on one of your DCs, having a DNS.
>>> Regards,
>>> Marc
> Hi, Active directory lives on DNS, if no DNS there is no Active 
> Directory.
> Best plan would be to run DNS on all DCs, this way if there is a 
> problem with one DC, you still have DNS. You should point each DC at 
> another DC, then have its own address to fall back on i.e. if the 
> ipaddress of DC1 is and the ipaddress of DC2 is 
>, then the /etc/resolv.conf on DC1 would be:
> search example.com
> nameserver
> nameserver
> and on DC2:
>  search example.com
> nameserver
> nameserver
> Rowland
I'll try to be more clear

My first AD is a windows 2008
I want to join my samba4 to the domain as a dc and then stop the windows 2008. but when i do

samba-tool dns add EPSILUM _msdcs.myos.local 
d4aBdfb0-8937-465a-af2d-d657fgh145ee CNAME smb4.myos.local
If have got
   ERROR(runtime): uncaught exception - (9601,
‎ File "/usr/lib/python2.7/dist-packages/samba/netcmd/__init__.py", line
175, in _run
‎ return self.run(*args, **kwargs)
‎ File "/usr/lib/python2.7/dist-packages/samba/netcmd/dns.py", line
1070, in run
‎0, server, zone, name, add_rec_buf, None)

is this a samba-tool bug or what should i do to add it to my windows 
2008 dns


probeSys - spécialiste GNU/Linux
site web : http://www.probesys.com

To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

More information about the samba mailing list