[Samba] Unable to join DC to domain

Rowland penny rpenny at samba.org
Mon Mar 21 19:51:20 UTC 2016 

On 21/03/16 04:26, IT Admin wrote:
> I cannot join two new VMs to my domain, I receive the following error on
> both machines:
>
> twerks at cbadc03:~$ kinit
> Administrator
> Password for Administrator at CB.CLIFFBELLS.COM:
> itwerks at cbadc03:~$ klist -e
> Ticket cache: FILE:/tmp/krb5cc_1000
> Default principal: Administrator at CB.CLIFFBELLS.COM
>
> Valid starting       Expires              Service principal
> 03/21/2016 00:19:56  03/21/2016 10:19:56  krbtgt/
> CB.CLIFFBELLS.COM at CB.CLIFFBELLS.COM
>          renew until 03/22/2016 00:19:41, Etype (skey, tkt):
> aes256-cts-hmac-sha1-96, aes256-cts-hmac-sha1-96
> itwerks at cbadc03:~$ sudo /usr/local/samba/bin/samba-tool domain join
> cb.cliffbells.com DC -Uadministrator --realm=CB.CLIFFBELLS.COM
> --dns-backend=SAMBA_INTERNAL
> Finding a writeable DC for domain 'cb.cliffbells.com'
> Found DC filer.cb.cliffbells.com
> Password for [WORKGROUP\administrator]:
> workgroup is CB
> realm is cb.cliffbells.com
> checking sAMAccountName
> Adding CN=CBADC03,OU=Domain Controllers,DC=cb,DC=cliffbells,DC=com
> Join failed - cleaning up
> checking sAMAccountName
> ERROR(ldb): uncaught exception - LDAP error 68 LDAP_ENTRY_ALREADY_EXISTS -
> <00002071: ../lib/ldb/ldb_tdb/ldb_index.c:1216: Failed to re-index
> objectSid in CN=CBADC03,OU=Domain Controllers,DC=cb,DC=cliffbells,DC=com -
> ../lib/ldb/ldb_tdb/ldb_index.c:1148: unique index violation on objectSid in
> CN=CBADC03,OU=Domain Controllers,DC=cb,DC=cliffbells,DC=com> <>
>    File
> "/usr/local/samba/lib/python2.7/site-packages/samba/netcmd/__init__.py",
> line 175, in _run
>      return self.run(*args, **kwargs)
>    File
> "/usr/local/samba/lib/python2.7/site-packages/samba/netcmd/domain.py", line
> 621, in run
>      machinepass=machinepass, use_ntvfs=use_ntvfs, dns_backend=dns_backend)
>    File "/usr/local/samba/lib/python2.7/site-packages/samba/join.py", line
> 1183, in join_DC
>      ctx.do_join()
>    File "/usr/local/samba/lib/python2.7/site-packages/samba/join.py", line
> 1086, in do_join
>      ctx.join_add_objects()
>    File "/usr/local/samba/lib/python2.7/site-packages/samba/join.py", line
> 536, in join_add_objects
>      ctx.samdb.add(rec)
> itwerks at cbadc03:~$
>
> Neither machine exists in ADUC on either of my current DCs.  Neither
> machine has any records in DNS.  I ran ldbsearch and dumped it's output to
> a text file, there are no references to either machine name in the file.
>
> Please advise.
>
> JS

The join seems to be failing because it seems to be trying to add an 
objectsid that already exists:

unique index violation on objectSid in CN=CBADC03,OU=Domain 
Controllers,DC=cb,DC=cliffbells,DC=com

Try pre-creating the computer in 'OU=Domain 
Controllers,DC=cb,DC=cliffbells,DC=com' and then try joining again.

Rowland

More information about the samba mailing list