[Samba] Unable to join DC to domain

IT Admin it at cliffbells.com
Mon Mar 21 17:29:13 UTC 2016


Yes, I have:

itwerks at cbadc03:~$ sudo /etc/init.d/samba4 stop
[sudo] password for itwerks:
[ ok ] Stopping samba4 (via systemctl): samba4.service
itwerks at cbadc03:~$ sudo mkdir /usr/local/samba-backups/3.21.2016 && sudo mv
/usr/local/samba/private /usr/local/samba-backups/3.21.2016/
itwerks at cbadc03:~$ ls -la /usr/local/samba/etc/
total 8
drwxr-xr-x 2 root root 4096 Mar 17 06:17 .
drwxr-xr-x 9 root root 4096 Mar 21 13:23 ..
itwerks at cbadc03:~$ kinit
Administrator
Password for Administrator at CB.CLIFFBELLS.COM:
itwerks at cbadc03:~$ klist
-e
Ticket cache: FILE:/tmp/krb5cc_1000
Default principal: Administrator at CB.CLIFFBELLS.COM

Valid starting       Expires              Service principal
03/21/2016 13:24:37  03/21/2016 23:24:37  krbtgt/
CB.CLIFFBELLS.COM at CB.CLIFFBELLS.COM
        renew until 03/22/2016 13:24:25, Etype (skey, tkt):
aes256-cts-hmac-sha1-96, aes256-cts-hmac-sha1-96
itwerks at cbadc03:~$ sudo /usr/local/samba/bin/samba-tool domain join
cb.cliffbells.com DC -Uadministrator --realm=CB.CLIFFBELLS.COM
--dns-backend=SAMBA_INTERNAL
Finding a writeable DC for domain 'cb.cliffbells.com'
Found DC filer.cb.cliffbells.com
Password for [WORKGROUP\administrator]:
workgroup is CB
realm is cb.cliffbells.com
checking sAMAccountName
Adding CN=CBADC03,OU=Domain Controllers,DC=cb,DC=cliffbells,DC=com
Join failed - cleaning up
checking sAMAccountName
ERROR(ldb): uncaught exception - LDAP error 68 LDAP_ENTRY_ALREADY_EXISTS -
<00002071: ../lib/ldb/ldb_tdb/ldb_index.c:1216: Failed to re-index
objectSid in CN=CBADC03,OU=Domain Controllers,DC=cb,DC=cliffbells,DC=com -
../lib/ldb/ldb_tdb/ldb_index.c:1148: unique index violation on objectSid in
CN=CBADC03,OU=Domain Controllers,DC=cb,DC=cliffbells,DC=com> <>
  File
"/usr/local/samba/lib/python2.7/site-packages/samba/netcmd/__init__.py",
line 175, in _run
    return self.run(*args, **kwargs)
  File
"/usr/local/samba/lib/python2.7/site-packages/samba/netcmd/domain.py", line
621, in run
    machinepass=machinepass, use_ntvfs=use_ntvfs, dns_backend=dns_backend)
  File "/usr/local/samba/lib/python2.7/site-packages/samba/join.py", line
1183, in join_DC
    ctx.do_join()
  File "/usr/local/samba/lib/python2.7/site-packages/samba/join.py", line
1086, in do_join
    ctx.join_add_objects()
  File "/usr/local/samba/lib/python2.7/site-packages/samba/join.py", line
536, in join_add_objects
    ctx.samdb.add(rec)
itwerks at cbadc03:~$

Both cbadc02 and cbadc03 exhibit this behavior.

JS
On Mar 21, 2016 10:16 AM, "Denis Cardon" <
denis.cardon at tranquil-it-systems.fr> wrote:

> Hi JS,
>
> Le 21/03/2016 05:26, IT Admin a écrit :
>
>> I cannot join two new VMs to my domain, I receive the following error on
>> both machines:
>>
>> twerks at cbadc03:~$ kinit
>> Administrator
>> Password for Administrator at CB.CLIFFBELLS.COM:
>> itwerks at cbadc03:~$ klist -e
>> Ticket cache: FILE:/tmp/krb5cc_1000
>> Default principal: Administrator at CB.CLIFFBELLS.COM
>>
>> Valid starting       Expires              Service principal
>> 03/21/2016 00:19:56  03/21/2016 10:19:56  krbtgt/
>> CB.CLIFFBELLS.COM at CB.CLIFFBELLS.COM
>>          renew until 03/22/2016 00:19:41, Etype (skey, tkt):
>> aes256-cts-hmac-sha1-96, aes256-cts-hmac-sha1-96
>> itwerks at cbadc03:~$ sudo /usr/local/samba/bin/samba-tool domain join
>> cb.cliffbells.com DC -Uadministrator --realm=CB.CLIFFBELLS.COM
>> --dns-backend=SAMBA_INTERNAL
>> Finding a writeable DC for domain 'cb.cliffbells.com'
>> Found DC filer.cb.cliffbells.com
>> Password for [WORKGROUP\administrator]:
>> workgroup is CB
>> realm is cb.cliffbells.com
>> checking sAMAccountName
>> Adding CN=CBADC03,OU=Domain Controllers,DC=cb,DC=cliffbells,DC=com
>> Join failed - cleaning up
>> checking sAMAccountName
>>
>
>
> have you cleaned up the /usr/local/samba/private/ directory and
> /usr/local/samba/etc/smb.conf file before trying to rejoin the domain?
>
> HTH,
>
> Denis
>
> ERROR(ldb): uncaught exception - LDAP error 68 LDAP_ENTRY_ALREADY_EXISTS -
>> <00002071: ../lib/ldb/ldb_tdb/ldb_index.c:1216: Failed to re-index
>> objectSid in CN=CBADC03,OU=Domain Controllers,DC=cb,DC=cliffbells,DC=com -
>> ../lib/ldb/ldb_tdb/ldb_index.c:1148: unique index violation on objectSid
>> in
>> CN=CBADC03,OU=Domain Controllers,DC=cb,DC=cliffbells,DC=com> <>
>>    File
>> "/usr/local/samba/lib/python2.7/site-packages/samba/netcmd/__init__.py",
>> line 175, in _run
>>      return self.run(*args, **kwargs)
>>    File
>> "/usr/local/samba/lib/python2.7/site-packages/samba/netcmd/domain.py",
>> line
>> 621, in run
>>      machinepass=machinepass, use_ntvfs=use_ntvfs,
>> dns_backend=dns_backend)
>>    File "/usr/local/samba/lib/python2.7/site-packages/samba/join.py", line
>> 1183, in join_DC
>>      ctx.do_join()
>>    File "/usr/local/samba/lib/python2.7/site-packages/samba/join.py", line
>> 1086, in do_join
>>      ctx.join_add_objects()
>>    File "/usr/local/samba/lib/python2.7/site-packages/samba/join.py", line
>> 536, in join_add_objects
>>      ctx.samdb.add(rec)
>> itwerks at cbadc03:~$
>>
>> Neither machine exists in ADUC on either of my current DCs.  Neither
>> machine has any records in DNS.  I ran ldbsearch and dumped it's output to
>> a text file, there are no references to either machine name in the file.
>>
>> Please advise.
>>
>> JS
>>
>>
> --
> Denis Cardon
> Tranquil IT Systems
> Les Espaces Jules Verne, bâtiment A
> 12 avenue Jules Verne
> 44230 Saint Sébastien sur Loire
> tel : +33 (0) 2.40.97.57.55
> http://www.tranquil-it-systems.fr
>
>


More information about the samba mailing list