[Samba] Sysprep joins fail on Samba >= 4.2.0

Tue Sep 1 11:16:40 UTC 2015

I just tried 4.3.0rc3 and continues failing.

Thanks!

2015-08-04 8:37 GMT+02:00 L.P.H. van Belle <belle at bazuin.nl>:

> Hai,
>
> Have you tried 4.2.3 ? which contains lots of fixes.
>
> But im intrested in your setup for sysprep with auto join,
> i was just looking in to that, any tips for me.
> Then i can try to reproduce your problem here then also.
> i upgraded my sernet samba yesterday to 4.2.3.
>
> Greetz,
>
> Louis
>
>
> >-----Oorspronkelijk bericht-----
> >Van: samba [mailto:samba-bounces at lists.samba.org] Namens
> >Webmaster IESCDM
> >Verzonden: maandag 3 augustus 2015 16:02
> >Aan: samba at lists.samba.org
> >Onderwerp: Re: [Samba] Sysprep joins fail on Samba >= 4.2.0
> >
> >Isn't anyone around using > 4.2 and SYSPREP with AUTO JOIN?
> >
> >2015-06-24 10:52 GMT+02:00 Webmaster IESCDM
> ><admies at ieschandomonte.edu.es>:
> >
> >> Hi,
> >>
> >> We have a samba 4.2.2 setup compiled from source, single DC,
> >internal DNS.
> >> We've been using this samba setup in production since
> >version 4.0.3. All
> >> clients are Windows 7-x64.
> >>
> >> Since we upgraded to samba 4.2.0 back in march 2015, we are
> >not able to
> >> join client machines to the domain using our sysprep
> >unattended image, but
> >> joining machines via the manual procedure using the Windows GUI works
> >> perfectly.
> >>
> >> Perhaps we're overlooking something very obvious, but we've
> >done 3+ weeks
> >> of research on the issue and we've come up to these conclusions:
> >>
> >> - samba < 4.2.0: unattended joins using sysprep work OK
> >>
> >> - samba >= 4.2.0 unattended joins using sysprep fail.
> >Netsetup.log errors
> >> 0x54a and 1354 (ERROR_INVALID_DOMAIN_ROLE This operation is
> >only allowed
> >> for the primary Domain Controller of the domain.)
> >>
> >> To discard possible own database corruptions, we've rolled
> >back to our
> >> past 4.1.17 setup and sysprep domain join works flawlessly.
> >Then we update
> >> this environment to 4.2.2 and it stops working.
> >>
> >> We've also tested pushing all our current databases from our
> >current setup
> >> (4.2.2) into a 4.1.17 samba and it works!
> >>
> >> So it leads us to think it might be a problem with some
> >change introduced
> >> at 4.2.0
> >> regarding domain join that only shows up when trying to do unattended
> >> joins.
> >>
> >> In case this is of any help, packet-level research using
> >wireshark shows
> >> that the only difference between versions that work and those which
> >> doesn't
> >> is the following:
> >>
> >> - samba < 4.2.0 (works): the RPC_NETL DsrGetDcNameEx2
> >response returns the
> >> DC name field as DCSERVER.DOMAIN.LOCAL and the unattended
> >join process
> >> works OK from that point onwards.
> >>
> >> - samba >= 4.2.0 (fails): the DsrGetDcNameEx2 response
> >returns the DC name
> >> field as
> >> DCSERVER and the unattended join process doesn't work. It
> >keeps retrying
> >> that
> >> DsrGetDcNameEx2 request to no avail.
> >>
> >> Are there any changes on 4.2.0 that might point to this failure for
> >> unattended joins? Joining the domain through the usual GUI
> >procedure in
> >> Windows 7 works OK using any version.
> >>
> >> NB. We are using a .local TLD, and our current fileserver is
> >the same as
> >> the DC. We missed those recommendations
> >>
> >> Thanks in advance for any help
> >>
> >> Regards,
> >>
> >> IT Team IES Chan do Monte
> >>
> >>
> >>
> >--
> >To unsubscribe from this list go to the following URL and read the
> >instructions:  https://lists.samba.org/mailman/options/samba
> >
> >
>
>