[Samba] SAMBA failed join domain DC
denis.shigapov
denis.shigapov at stroylandiya.ru
Tue Feb 20 03:47:06 UTC 2018
samba-tool domain join example.ru DC --server=srv-dc01.example.ru
--username=vas.lah --password=password --realm=EXAMPLE.RU --site=SITE2
-d 1 > /tmp/log.txt 2>&1
--------- config ---------
workgroup is EXAMPLE
realm is example.ru
Looking up IPv4 addresses
Looking up IPv6 addresses
No IPv6 address will be assigned
Setting up secrets.ldb
Setting up the registry
Setting up the privileges database
Setting up idmap db
Setting up SAM db
Setting up sam.ldb partitions and settings
Setting up sam.ldb rootDSE
Pre-loading the Samba 4 and AD schema
The Kerberos KDC configuration for Samba AD is located at
/var/lib/samba/private/kdc.conf
A Kerberos configuration suitable for Samba AD has been generated at
/var/lib/samba/private/krb5.conf
Merge the contents of this file with your system krb5.conf or replace
it with this one. Do not create a symlink!
Schema-DN[CN=Schema,CN=Configuration,DC=example,DC=ru]
objects[402/2684] linked_values[0/0]
Schema-DN[CN=Schema,CN=Configuration,DC=example,DC=ru]
objects[804/2684] linked_values[0/0]
Schema-DN[CN=Schema,CN=Configuration,DC=example,DC=ru]
objects[1206/2684] linked_values[0/0]
Schema-DN[CN=Schema,CN=Configuration,DC=example,DC=ru]
objects[1608/2684] linked_values[0/0]
Schema-DN[CN=Schema,CN=Configuration,DC=example,DC=ru]
objects[2010/2684] linked_values[0/0]
Schema-DN[CN=Schema,CN=Configuration,DC=example,DC=ru]
objects[2412/2684] linked_values[0/0]
Schema-DN[CN=Schema,CN=Configuration,DC=example,DC=ru]
objects[2654/2684] linked_values[0/0]
Analyze and apply schema objects
Partition[CN=Configuration,DC=example,DC=ru] objects[402/7264]
linked_values[0/1969]
Partition[CN=Configuration,DC=example,DC=ru] objects[804/7264]
linked_values[0/1969]
......
Partition[CN=Configuration,DC=example,DC=ru] objects[5903/7264]
linked_values[98/1969]
Partition[CN=Configuration,DC=example,DC=ru] objects[6223/7264]
linked_values[326/1969]
Partition[CN=Configuration,DC=example,DC=ru] objects[6387/7264]
linked_values[427/1969]
Partition[DC=example,DC=ru] objects[165/1306] linked_values[89/25513]
Partition[DC=example,DC=ru] objects[235/1306] linked_values[0/25513]
Partition[DC=example,DC=ru] objects[494/42568] linked_values[28/25513]
Partition[DC=example,DC=ru] objects[744/42568] linked_values[0/25513]
Partition[DC=example,DC=ru] objects[986/42568] linked_values[498/25513]
Partition[DC=example,DC=ru] objects[1182/42568]
linked_values[303/25513]
......
Partition[DC=example,DC=ru] objects[42791/42568] linked_values[1/25513]
Partition[DC=example,DC=ru] objects[42887/42568] linked_values[3/25513]
Partition[DC=example,DC=ru] objects[42984/42568] linked_values[0/25513]
Partition[DC=example,DC=ru] objects[43020/42568] linked_values[0/25513]
Partition[DC=DomainDnsZones,DC=example,DC=ru] objects[402/16777]
linked_values[0/0]
Partition[DC=DomainDnsZones,DC=example,DC=ru] objects[775/16777]
linked_values[0/0]
Partition[DC=DomainDnsZones,DC=example,DC=ru] objects[1144/16777]
linked_values[0/0]
Partition[DC=DomainDnsZones,DC=example,DC=ru] objects[1519/16777]
linked_values[0/0]
......
Partition[DC=DomainDnsZones,DC=example,DC=ru] objects[21170/16777]
linked_values[0/0]
Partition[DC=DomainDnsZones,DC=example,DC=ru] objects[21564/16777]
linked_values[0/0]
Partition[DC=DomainDnsZones,DC=example,DC=ru] objects[21873/16777]
linked_values[0/0]
Partition[DC=DomainDnsZones,DC=example,DC=ru] objects[22275/16777]
linked_values[0/0]
Partition[DC=DomainDnsZones,DC=example,DC=ru] objects[22297/16777]
linked_values[0/0]
Partition[DC=ForestDnsZones,DC=example,DC=ru] objects[402/2041]
linked_values[0/0]
Partition[DC=ForestDnsZones,DC=example,DC=ru] objects[775/2041]
linked_values[0/0]
.......
linked_values[0/0]
Partition[DC=ForestDnsZones,DC=example,DC=ru] objects[2522/2041]
linked_values[0/0]
Exop on[CN=RID Manager$,CN=System,DC=example,DC=ru] objects[3]
linked_values[0]
Adding 1 remote DNS records for SRV-SITE2-DC1.example.ru
Adding DNS A record SRV-SITE2-DC1.example.ru for IPv4 IP: 10.2.1.15
Could not find machine account in secrets database: Failed to fetch
machine account password for EXAMPLE from both secrets.ldb (Could not
find entry to match filter:
'(&(flatname=EXAMPLE)(objectclass=primaryDomain))' base: 'cn=Primary
Domains': No such object: dsdb_search at
../source4/dsdb/common/util.c:4636) and from
/var/lib/samba/private/secrets.tdb: NT_STATUS_CANT_ACCESS_DOMAIN_INFO
ERROR(runtime): uncaught exception - (9003,
'WERR_DNS_ERROR_RCODE_NAME_ERROR')
File "/usr/lib64/python2.7/site-packages/samba/netcmd/__init__.py",
line 176, in _run
return self.run(*args, **kwargs)
File "/usr/lib64/python2.7/site-packages/samba/netcmd/domain.py",
line 661, in run
machinepass=machinepass, use_ntvfs=use_ntvfs,
dns_backend=dns_backend)
File "/usr/lib64/python2.7/site-packages/samba/join.py", line 1474,
in join_DC
ctx.do_join()
File "/usr/lib64/python2.7/site-packages/samba/join.py", line 1384,
in do_join
ctx.join_add_dns_records()
File "/usr/lib64/python2.7/site-packages/samba/join.py", line 1116,
in join_add_dns_records
dns_partition=domaindns_zone_dn)
File "/usr/lib64/python2.7/site-packages/samba/samdb.py", line 939,
in dns_lookup
dns_partition=dns_partition)
Adding CN=SRV-SITE2-DC1,OU=Domain Controllers,DC=example,DC=ru
Adding CN=SRV-SITE2-
DC1,CN=Servers,CN=SITE2,CN=Sites,CN=Configuration,DC=example,DC=ru
Adding CN=NTDS Settings,CN=SRV-SITE2-
DC1,CN=Servers,CN=SITE2,CN=Sites,CN=Configuration,DC=example,DC=ru
Adding SPNs to CN=SRV-SITE2-DC1,OU=Domain Controllers,DC=example,DC=ru
Setting account password for SRV-SITE2-DC1$
Enabling account
Calling bare provision
Provision OK for domain DN DC=example,DC=ru
Starting replication
Replicating critical objects from the base DN of the domain
Done with always replicated NC (base, config, schema)
Replicating DC=DomainDnsZones,DC=example,DC=ru
Replicating DC=ForestDnsZones,DC=example,DC=ru
Committing SAM database
Join failed - cleaning up
Deleted CN=RID Set,CN=SRV-SITE2-DC1,OU=Domain
Controllers,DC=example,DC=ru
Deleted CN=SRV-SITE2-DC1,OU=Domain Controllers,DC=example,DC=ru
Deleted CN=NTDS Settings,CN=SRV-SITE2-
DC1,CN=Servers,CN=SITE2,CN=Sites,CN=Configuration,DC=example,DC=ru
Deleted CN=SRV-SITE2-
DC1,CN=Servers,CN=SITE2,CN=Sites,CN=Configuration,DC=example,DC=ru
В Пн, 19/02/2018 в 12:51 +0000, Rowland Penny via samba пишет:
> On Mon, 19 Feb 2018 17:40:25 +0500
> "denis.shigapov" <denis.shigapov at stroylandiya.ru> wrote:
>
> > the first letter sent a journal
> >
> > как можно
> > ========== log messages join DC============
> > ....more than a thousand lines of messages
>
> OK, run the command again without the '-d7' and post that output, I
> am trying to see how far the join gets before failing.
>
> Rowland
>
>
More information about the samba
mailing list