[Samba] SAMBA failed join domain DC
denis.shigapov
denis.shigapov at stroylandiya.ru
Mon Feb 19 07:04:57 UTC 2018
Hi, I'm join samba to windows AD
OS Centos7samba version 4.7.5
======= settings =============cat /etc/resolv.conf # Generated by
NetworkManagersearch example.runameserver 192.168.25.1nameserver
192.168.25.2
cat /etc/krb5.conf[libdefaults] dns_lookup_realm =
false dns_lookup_kdc = true default_realm = EXAMPLE.RU
========== command JOIN DC==========
samba-tool domain join example.ru --server=srv-dc01.example.ru --
username=vas.lah --password=password --realm=EXAMPLE.RU --site=SITE2 -d
7
========== log messages join DC============
.....
Replicated 3 objects (0 linked attributes) for
DC=example,DC=ruCommitting SAM databaseDiscarding older DRS linked
attribute update to member on ........... ......Applying linked
attribute change:dn: <GUID=9922ff18-fa1f-4781-a126-
de32d26c61b7>;<SID=S-1-5-21-1715567821-920026266-839522115-
4194>;CN=12312,OU=fsdf,OU=Office,DC=example,DC=ruchangetype: modifyadd:
memberOfmemberOf: <GUID=272c834e-48ce-4002-8c95-c41781605d42>;<SID=S-1-
5-21-1715567821 -920026266-839522115-
1109>;CN=Commerce,OU=Security_Groups,OU=Services
Account s,DC=example,DC=ru
..........
added interface eth0 ip=10.2.1.15 bcast=10.2.7.255
netmask=255.255.248.0Adding 1 remote DNS records for SRV-SITE2-
DC1.example.ruUsing binding ncacn_ip_tcp:srv-
dc01.example.ru[,sign]Mapped to DCERPC endpoint 135added interface eth0
ip=10.2.1.15 bcast=10.2.7.255 netmask=255.255.248.0added interface eth0
ip=10.2.1.15 bcast=10.2.7.255 netmask=255.255.248.0resolve_lmhosts:
Attempting lmhosts lookup for name srv-
dc01.example.ru<0x20>getlmhostsent: lmhost entry: 127.0.0.1
localhost Mapped to DCERPC endpoint 52781added interface eth0
ip=10.2.1.15 bcast=10.2.7.255 netmask=255.255.248.0added interface eth0
ip=10.2.1.15 bcast=10.2.7.255 netmask=255.255.248.0resolve_lmhosts:
Attempting lmhosts lookup for name srv-
dc01.example.ru<0x20>getlmhostsent: lmhost entry: 127.0.0.1
localhost Starting GENSEC mechanism spnegoStarting GENSEC submechanism
gssapi_krb5GSSAPI credentials for vas.lah at EXAMPLE.RU will expire in
35645 secsgensec_gssapi: NO credentials were delegatedGSSAPI Connection
will be cryptographically signedAdding DNS A record SRV-SITE2-
DC1.example.ru for IPv4 IP: 10.2.1.15Join failed - cleaning upldb_wrap
open of secrets.ldbCould not find machine account in secrets database:
Failed to fetch machine account password for EXAMPLE from both
secrets.ldb (Could not find entry to match filter:
'(&(f$atname=EXAMPLE)(objectclass=primaryDomain))' base: 'cn=Primary
Domains': No such object: dsdb_search at
../source4/dsdb/common/util.c:4636) and from
/var/lib/samba/private$secrets.tdb:
NT_STATUS_CANT_ACCESS_DOMAIN_INFODeleted CN=RID Set,CN=SRV-SITE2-
DC1,OU=Domain Controllers,DC=example,DC=ruDeleted CN=SRV-SITE2-
DC1,OU=Domain Controllers,DC=example,DC=ruDeleted CN=NTDS
Settings,CN=SRV-SITE2-
DC1,CN=Servers,CN=SITE2,CN=Sites,CN=Configuration,DC=example,DC=ruDelet
ed CN=SRV-SITE2-
DC1,CN=Servers,CN=SITE2,CN=Sites,CN=Configuration,DC=example,DC=ruERROR
(runtime): uncaught exception - (9003,
'WERR_DNS_ERROR_RCODE_NAME_ERROR') File "/usr/lib64/python2.7/site-
packages/samba/netcmd/__init__.py", line 176, in _run return
self.run(*args, **kwargs) File "/usr/lib64/python2.7/site-
packages/samba/netcmd/domain.py", line 661, in
run machinepass=machinepass, use_ntvfs=use_ntvfs,
dns_backend=dns_backend) File "/usr/lib64/python2.7/site-
packages/samba/join.py", line 1474, in join_DC ctx.do_join() File
"/usr/lib64/python2.7/site-packages/samba/join.py", line 1384, in
do_join ctx.join_add_dns_records() File "/usr/lib64/python2.7/site-
packages/samba/join.py", line 1116, in
join_add_dns_records dns_partition=domaindns_zone_dn) File
"/usr/lib64/python2.7/site-packages/samba/samdb.py", line 939, in
dns_lookup dns_partition=dns_partition)
More information about the samba
mailing list