[Samba] WERR_DS_DRA_MISSING_PARENT while Joining Samba4 DC to Samba4 Domain

Daniel McFeeters danielj.mcfeeters at lcdhd.org
Thu Dec 21 18:16:05 UTC 2017 

I thought I had posted already, but my first message may have been confusing. Here is the output of the domain join:

$ sudo samba-tool domain join redacted.domain.local DC -U"REDACTED\my.domain.admin"  --dns-backend=SAMBA_INTERNAL
Finding a writeable DC for domain 'redacted.domain.local'
Found DC samba4dom.redacted.domain.local
Password for [REDACTED\my.domain.admin]:
NO DNS zone information found in source domain, not replicating DNS
workgroup is REDACTED
realm is redacted.domain.local
Adding CN=SAMBA4DC2,OU=Domain Controllers,DC=redacted,DC=domain,DC=local
Adding CN=SAMBA4DC2,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=redacted,DC=domain,DC=local
Adding CN=NTDS Settings,CN=SAMBA4DC2,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=redacted,DC=domain,DC=local
Adding SPNs to CN=SAMBA4DC2,OU=Domain Controllers,DC=redacted,DC=domain,DC=local
Setting account password for SAMBA4DC2$
Enabling account
Calling bare provision
Looking up IPv4 addresses
Looking up IPv6 addresses
No IPv6 address will be assigned
Setting up secrets.ldb
Setting up the registry
Setting up the privileges database
Setting up idmap db
Setting up SAM db
Setting up sam.ldb partitions and settings
Setting up sam.ldb rootDSE
Pre-loading the Samba 4 and AD schema
A Kerberos configuration suitable for Samba AD has been generated at /var/lib/samba/private/krb5.conf
Provision OK for domain DN DC=redacted,DC=domain,DC=local
Starting replication
Schema-DN[CN=Schema,CN=Configuration,DC=redacted,DC=domain,DC=local] objects[402/1550] linked_values[0/0]
Schema-DN[CN=Schema,CN=Configuration,DC=redacted,DC=domain,DC=local] objects[804/1550] linked_values[0/0]
Schema-DN[CN=Schema,CN=Configuration,DC=redacted,DC=domain,DC=local] objects[1206/1550] linked_values[0/0]
Schema-DN[CN=Schema,CN=Configuration,DC=redacted,DC=domain,DC=local] objects[1550/1550] linked_values[0/0]
Analyze and apply schema objects
Partition[CN=Configuration,DC=redacted,DC=domain,DC=local] objects[402/1606] linked_values[0/0]
Partition[CN=Configuration,DC=redacted,DC=domain,DC=local] objects[804/1606] linked_values[0/0]
Partition[CN=Configuration,DC=redacted,DC=domain,DC=local] objects[1206/1606] linked_values[0/0]
Partition[CN=Configuration,DC=redacted,DC=domain,DC=local] objects[1605/1606] linked_values[22/22]
Replicating critical objects from the base DN of the domain
Partition[DC=redacted,DC=domain,DC=local] objects[76/74] linked_values[21/21]
Partition[DC=redacted,DC=domain,DC=local] objects[478/19960] linked_values[0/0]
Failed to commit objects: WERR_DS_DRA_MISSING_PARENT
Join failed - cleaning up
Deleted CN=SAMBA4DC2,OU=Domain Controllers,DC=redacted,DC=domain,DC=local
Deleted CN=NTDS Settings,CN=SAMBA4DC2,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=redacted,DC=domain,DC=local
Deleted CN=SAMBA4DC2,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=redacted,DC=domain,DC=local
ERROR(runtime): uncaught exception - (8460, "Failed to process 'chunk' of DRS replicated objects: WERR_DS_DRA_MISSING_PARENT")
  File "/usr/lib/python2.7/dist-packages/samba/netcmd/__init__.py", line 176, in _run
    return self.run(*args, **kwargs)
  File "/usr/lib/python2.7/dist-packages/samba/netcmd/domain.py", line 661, in run
    machinepass=machinepass, use_ntvfs=use_ntvfs, dns_backend=dns_backend)
  File "/usr/lib/python2.7/dist-packages/samba/join.py", line 1474, in join_DC
    ctx.do_join()
  File "/usr/lib/python2.7/dist-packages/samba/join.py", line 1377, in do_join
    ctx.join_replicate()
  File "/usr/lib/python2.7/dist-packages/samba/join.py", line 936, in join_replicate
    replica_flags=ctx.domain_replica_flags)
  File "/usr/lib/python2.7/dist-packages/samba/drs_utils.py", line 295, in replicate
    schema=schema, req_level=req_level, req=req)
$

Daniel McFeeters 


----- Original Message -----
> From: "samba" <samba at lists.samba.org>
> To: "samba" <samba at lists.samba.org>
> Sent: Thursday, December 21, 2017 12:43:07 PM
> Subject: Re: [Samba] WERR_DS_DRA_MISSING_PARENT while Joining Samba4 DC to Samba4 Domain

> On Thu, 21 Dec 2017 12:16:23 -0500 (EST)
> Daniel McFeeters <danielj.mcfeeters at lcdhd.org> wrote:

> > I am not able to join a second domain controller to the domain,
> > though. Is this a samba bug, or is there something I can do to fix
> > the WERR_DS_DRA_MISSING_PARENT error?

> > Daniel McFeeters


> Can you post the join command you are using and the the command output.

> Rowland

> --
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/options/samba

More information about the samba mailing list