[Samba] WERR_DS_DRA_MISSING_PARENT error when joining new DC

[Denis Cardon]

Hi DreamySurfer212,
>
> When trying to join a new DC to an existing Samba4 domain, I am
> getting this WERR_DS_DRA_MISSING_PARENT error. Does any have any
> suggestions on how to fix it? My original 6 dc's are running the last
> free Sernet (4.2.14)  on CentOS6 and the error occurs if I use Sernet
> 4.2.14 or 4.7.5-Debian. I finally have time to upgrade and something
> is broke.

Samba 4.2.14 is EOL for quite some time... If you cannot afford the good 
work done by SerNet, then you need to use other packages.

> Thanks, Steve
>
> # samba-tool domain join mydomain DC -U"mydomain\administrator"
> --dns-backend=BIND9_DLZ
>
> Missing parent while attempting to apply records: No parent with GUID
> eb58e643-61d5-4e8c-8249-99d275b2779b found for object remotely known
> as CN=Enterprise Read-only Domain Controllers,OU=Security
> Groups,DC=mydomain,DC=com
>
> # ldbsearch -H /var/lib/samba/private/sam.ldb --cross-ncs
> objectGUID=eb58e643-61d5-4e8c-8249-99d275b2779b dn: OU=Security
> Groups,DC=mydomain,DC=com

Have you switched all your domain DCs to 4.7, or is this error still 
shown from a 4.2 server?

is there any reasons for moving "Enterprise Read-only Domain
Controllers" group from CN=Users? Do you have tried to join RODC in your
4.2 domain??

Cheers,

Denis

>
> # samba-tool dbcheck --cross-ncs Checking 9088 objects Checked 9088
> objects (0 errors)
>

-- 
Denis Cardon
Tranquil IT Systems
Les Espaces Jules Verne, bâtiment A
12 avenue Jules Verne
44230 Saint Sébastien sur Loire
tel : +33 (0) 2.40.97.57.55
http://www.tranquil.it

Samba install wiki for Frenchies : https://dev.tranquil.it
WAPT, software deployment made easy : https://wapt.fr