[Samba] Unable to join DC to domain

IT Admin it at cliffbells.com
Mon Mar 21 21:25:27 UTC 2016 

No dice.

Logged in to a workstation with RSAT installed.  Added computer to OU
Domain Controllers, closed ADUC, attempted join again.

itwerks at cbadc03:~$ kinit
Administrator
Password for Administrator at CB.CLIFFBELLS.COM:
itwerks at cbadc03:~$ klist
-e
Ticket cache: FILE:/tmp/krb5cc_1000
Default principal: Administrator at CB.CLIFFBELLS.COM

Valid starting       Expires              Service principal
03/21/2016 17:21:42  03/22/2016 03:21:42  krbtgt/
CB.CLIFFBELLS.COM at CB.CLIFFBELLS.COM
        renew until 03/22/2016 17:21:29, Etype (skey, tkt):
aes256-cts-hmac-sha1-96, aes256-cts-hmac-sha1-96
itwerks at cbadc03:~$ sudo /usr/local/samba/bin/samba-tool domain join
cb.cliffbells.com DC -Uadministrator --realm=CB.CLIFFBELLS.COM
--dns-backend=SAMBA_INTERNAL
[sudo] password for itwerks:
Finding a writeable DC for domain 'cb.cliffbells.com'
Found DC filer.cb.cliffbells.com
Password for [WORKGROUP\administrator]:
workgroup is CB
realm is cb.cliffbells.com
checking sAMAccountName
Deleted CN=CBADC03,OU=Domain Controllers,DC=cb,DC=cliffbells,DC=com
Adding CN=CBADC03,OU=Domain Controllers,DC=cb,DC=cliffbells,DC=com
Join failed - cleaning up
checking sAMAccountName
ERROR(ldb): uncaught exception - LDAP error 68 LDAP_ENTRY_ALREADY_EXISTS -
<00002071: ../lib/ldb/ldb_tdb/ldb_index.c:1216: Failed to re-index
objectSid in CN=CBADC03,OU=Domain Controllers,DC=cb,DC=cliffbells,DC=com -
../lib/ldb/ldb_tdb/ldb_index.c:1148: unique index violation on objectSid in
CN=CBADC03,OU=Domain Controllers,DC=cb,DC=cliffbells,DC=com> <>
  File
"/usr/local/samba/lib/python2.7/site-packages/samba/netcmd/__init__.py",
line 175, in _run
    return self.run(*args, **kwargs)
  File
"/usr/local/samba/lib/python2.7/site-packages/samba/netcmd/domain.py", line
621, in run
    machinepass=machinepass, use_ntvfs=use_ntvfs, dns_backend=dns_backend)
  File "/usr/local/samba/lib/python2.7/site-packages/samba/join.py", line
1183, in join_DC
    ctx.do_join()
  File "/usr/local/samba/lib/python2.7/site-packages/samba/join.py", line
1086, in do_join
    ctx.join_add_objects()
  File "/usr/local/samba/lib/python2.7/site-packages/samba/join.py", line
536, in join_add_objects
    ctx.samdb.add(rec)
itwerks at cbadc03:~

Please advise.

JS
On Mar 21, 2016 3:54 PM, "Rowland penny" <rpenny at samba.org> wrote:

> On 21/03/16 04:26, IT Admin wrote:
>
>> I cannot join two new VMs to my domain, I receive the following error on
>> both machines:
>>
>> twerks at cbadc03:~$ kinit
>> Administrator
>> Password for Administrator at CB.CLIFFBELLS.COM:
>> itwerks at cbadc03:~$ klist -e
>> Ticket cache: FILE:/tmp/krb5cc_1000
>> Default principal: Administrator at CB.CLIFFBELLS.COM
>>
>> Valid starting       Expires              Service principal
>> 03/21/2016 00:19:56  03/21/2016 10:19:56  krbtgt/
>> CB.CLIFFBELLS.COM at CB.CLIFFBELLS.COM
>>          renew until 03/22/2016 00:19:41, Etype (skey, tkt):
>> aes256-cts-hmac-sha1-96, aes256-cts-hmac-sha1-96
>> itwerks at cbadc03:~$ sudo /usr/local/samba/bin/samba-tool domain join
>> cb.cliffbells.com DC -Uadministrator --realm=CB.CLIFFBELLS.COM
>> --dns-backend=SAMBA_INTERNAL
>> Finding a writeable DC for domain 'cb.cliffbells.com'
>> Found DC filer.cb.cliffbells.com
>> Password for [WORKGROUP\administrator]:
>> workgroup is CB
>> realm is cb.cliffbells.com
>> checking sAMAccountName
>> Adding CN=CBADC03,OU=Domain Controllers,DC=cb,DC=cliffbells,DC=com
>> Join failed - cleaning up
>> checking sAMAccountName
>> ERROR(ldb): uncaught exception - LDAP error 68 LDAP_ENTRY_ALREADY_EXISTS -
>> <00002071: ../lib/ldb/ldb_tdb/ldb_index.c:1216: Failed to re-index
>> objectSid in CN=CBADC03,OU=Domain Controllers,DC=cb,DC=cliffbells,DC=com -
>> ../lib/ldb/ldb_tdb/ldb_index.c:1148: unique index violation on objectSid
>> in
>> CN=CBADC03,OU=Domain Controllers,DC=cb,DC=cliffbells,DC=com> <>
>>    File
>> "/usr/local/samba/lib/python2.7/site-packages/samba/netcmd/__init__.py",
>> line 175, in _run
>>      return self.run(*args, **kwargs)
>>    File
>> "/usr/local/samba/lib/python2.7/site-packages/samba/netcmd/domain.py",
>> line
>> 621, in run
>>      machinepass=machinepass, use_ntvfs=use_ntvfs,
>> dns_backend=dns_backend)
>>    File "/usr/local/samba/lib/python2.7/site-packages/samba/join.py", line
>> 1183, in join_DC
>>      ctx.do_join()
>>    File "/usr/local/samba/lib/python2.7/site-packages/samba/join.py", line
>> 1086, in do_join
>>      ctx.join_add_objects()
>>    File "/usr/local/samba/lib/python2.7/site-packages/samba/join.py", line
>> 536, in join_add_objects
>>      ctx.samdb.add(rec)
>> itwerks at cbadc03:~$
>>
>> Neither machine exists in ADUC on either of my current DCs.  Neither
>> machine has any records in DNS.  I ran ldbsearch and dumped it's output to
>> a text file, there are no references to either machine name in the file.
>>
>> Please advise.
>>
>> JS
>>
>
> The join seems to be failing because it seems to be trying to add an
> objectsid that already exists:
>
> unique index violation on objectSid in CN=CBADC03,OU=Domain
> Controllers,DC=cb,DC=cliffbells,DC=com
>
> Try pre-creating the computer in 'OU=Domain
> Controllers,DC=cb,DC=cliffbells,DC=com' and then try joining again.
>
> Rowland
>
>
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba
>

More information about the samba mailing list