[Samba] SAMBA failed join domain DC
denis.shigapov
denis.shigapov at stroylandiya.ru
Wed Feb 21 12:00:20 UTC 2018
And why are you against Samba AD DC?
I do not have a user "Administrator"
I RUN: samba-tool domain join EXAMPLE DC -Uvas.lah --password=password --realm=EXAMPLE.RU --site=SITE2 -d 2
lpcfg_load: refreshing parameters from /etc/samba/smb.conf
Finding a writeable DC for domain 'EXAMPLE'
Found DC srv-site3-dc01.example.ru
workgroup is EXAMPLE
realm is example.ru
Adding CN=SRV-SITE2-DC01,OU=Domain Controllers,DC=example,DC=ru
Adding CN=SRV-SITE2-DC01,CN=Servers,CN=SITE2,CN=Sites,CN=Configuration,DC=example,DC=ru
Adding CN=NTDS Settings,CN=SRV-SITE2-DC01,CN=Servers,CN=SITE2,CN=Sites,CN=Configuration,DC=example,DC=ru
Join failed - cleaning up
Could not find machine account in secrets database: Failed to fetch machine account password for EXAMPLE from both secrets.ldb (Could not find entry to match
filter: '(&(fl
atname=EXAMPLE)(objectclass=primaryDomain))' base: 'cn=Primary Domains': No such object: dsdb_search at ../source4/dsdb/common/util.c:4636) and from
/var/lib/samba/private/
secrets.tdb: NT_STATUS_CANT_ACCESS_DOMAIN_INFO
Deleted CN=SRV-SITE2-DC01,OU=Domain Controllers,DC=example,DC=ru
Deleted CN=NTDS Settings,CN=SRV-SITE2-DC01,CN=Servers,CN=SITE2,CN=Sites,CN=Configuration,DC=example,DC=ru
Deleted CN=SRV-SITE2-DC01,CN=Servers,CN=SITE2,CN=Sites,CN=Configuration,DC=example,DC=ru
ERROR(ldb): uncaught exception - LDAP error 10 LDAP_REFERRAL - <0000202B: RefErr: DSID-030A0B09, data 0, 1 access points
ref 1: '7bbe1649-5261-430c-b473-9b85a36719b5._msdcs.example.ru'
> <ldap://7bbe1649-5261-430c-b473-9b85a36719b5._msdcs.example.ru>
File "/usr/lib64/python2.7/site-packages/samba/netcmd/__init__.py", line 176, in _run
return self.run(*args, **kwargs)
File "/usr/lib64/python2.7/site-packages/samba/netcmd/domain.py", line 661, in run
machinepass=machinepass, use_ntvfs=use_ntvfs, dns_backend=dns_backend)
File "/usr/lib64/python2.7/site-packages/samba/join.py", line 1474, in join_DC
ctx.do_join()
File "/usr/lib64/python2.7/site-packages/samba/join.py", line 1375, in do_join
ctx.join_add_objects()
File "/usr/lib64/python2.7/site-packages/samba/join.py", line 668, in join_add_objects
ctx.samdb.modify(m)
samba-tool domain join EXAMPLE DC --realm=EXAMPLE.RU -Uvas.lah --server=srv-dc01.example.ru --password=password --site=SITE2 -d 2
......
Partition[DC=ForestDnsZones,DC=example,DC=ru] objects[1163/2778] linked_values[0/0]
Replicated 388 objects (0 linked attributes) for DC=ForestDnsZones,DC=example,DC=ru
Partition[DC=ForestDnsZones,DC=example,DC=ru] objects[1565/2778] linked_values[0/0]
Replicated 402 objects (0 linked attributes) for DC=ForestDnsZones,DC=example,DC=ru
Partition[DC=ForestDnsZones,DC=example,DC=ru] objects[1967/2778] linked_values[0/0]
Replicated 402 objects (0 linked attributes) for DC=ForestDnsZones,DC=example,DC=ru
Partition[DC=ForestDnsZones,DC=example,DC=ru] objects[2369/2778] linked_values[0/0]
Replicated 402 objects (0 linked attributes) for DC=ForestDnsZones,DC=example,DC=ru
Partition[DC=ForestDnsZones,DC=example,DC=ru] objects[2535/2778] linked_values[0/0]
Replicated 166 objects (0 linked attributes) for DC=ForestDnsZones,DC=example,DC=ru
Exop on[CN=RID Manager$,CN=System,DC=example,DC=ru] objects[3] linked_values[0]
Replicated 3 objects (0 linked attributes) for DC=example,DC=ru
Committing SAM database
Adding 1 remote DNS records for SRV-SITE2-DC01.example.ru
Adding DNS A record SRV-SITE2-DC01.example.ru for IPv4 IP: 10.2.1.15
Join failed - cleaning up
Could not find machine account in secrets database: Failed to fetch machine account password for EXAMPLE from both secrets.ldb (Could not find entry to match
filter: '(&(fl
atname=EXAMPLE)(objectclass=primaryDomain))' base: 'cn=Primary Domains': No such object: dsdb_search at ../source4/dsdb/common/util.c:4636) and from
/var/lib/samba/private/
secrets.tdb: NT_STATUS_CANT_ACCESS_DOMAIN_INFO
Deleted CN=RID Set,CN=SRV-SITE2-DC01,OU=Domain Controllers,DC=example,DC=ru
Deleted CN=SRV-SITE2-DC01,OU=Domain Controllers,DC=example,DC=ru
Deleted CN=NTDS Settings,CN=SRV-SITE2-DC01,CN=Servers,CN=SITE2,CN=Sites,CN=Configuration,DC=example,DC=ru
Deleted CN=SRV-SITE2-DC01,CN=Servers,CN=SITE2,CN=Sites,CN=Configuration,DC=example,DC=ru
ERROR(runtime): uncaught exception - (9003, 'WERR_DNS_ERROR_RCODE_NAME_ERROR')
File "/usr/lib64/python2.7/site-packages/samba/netcmd/__init__.py", line 176, in _run
return self.run(*args, **kwargs)
File "/usr/lib64/python2.7/site-packages/samba/netcmd/domain.py", line 661, in run
machinepass=machinepass, use_ntvfs=use_ntvfs, dns_backend=dns_backend)
File "/usr/lib64/python2.7/site-packages/samba/join.py", line 1474, in join_DC
ctx.do_join()
File "/usr/lib64/python2.7/site-packages/samba/join.py", line 1384, in do_join
ctx.join_add_dns_records()
File "/usr/lib64/python2.7/site-packages/samba/join.py", line 1116, in join_add_dns_records
dns_partition=domaindns_zone_dn)
File "/usr/lib64/python2.7/site-packages/samba/samdb.py", line 939, in dns_lookup
dns_partition=dns_partition)
В Ср, 21/02/2018 в 08:59 +0000, Rowland Penny via samba пишет:
> On Wed, 21 Feb 2018 10:45:43 +0500
> "denis.shigapov" <denis.shigapov at stroylandiya.ru> wrote:
>
> > Not join
> > samba-tool domain join EXAMPLE DC -Uvas.lah --password=password
> > --realm=EXAMPLE.RU --site=SITE2 find srv-site3-dc01 and the same
> > error occurred
> >
> > samba-tool domain join EXAMPLE DC -UAdministrator --password=password
> > --server=srv-dc01.example.ru --realm=EXAMPLE.RU --site=SITE2 returned
> > the original error
> >
> >
> > vas.lah - domain administrator
> > also tried the user with the rights: enterprice admins and scheme
> > admins
> >
> > Samba 4.6 previously tried and joined the domain, but due to
> > replication errors it was abandoned
> >
> >
>
> Is there some reason why you will not try the exact join command I
> posted ???
>
> I can assure you that the join command works on 4.7.5, I did it last
> Friday, albeit against a Samba AD DC.
>
> You shouldn't get replication errors, perhaps the problem lies on the
> windows DC you are trying to join to ?
>
> Rowland
>
>
More information about the samba
mailing list