[Samba] Error joining Samba 4.7.4 DC to existing Win2008R2 domain

Thu Feb 22 16:32:47 UTC 2018

I have an existing Win2008-R2 domain with a single DC and I'd like to 
replace this DC with a Samba 4 DC.

I'm using VirtualBox VMs to test the migration before going to production.
I've cloned Windows 2008R2 Server into the first VM, then installed 
Ubuntu_18.04_server_x64_daily (Samba 4.7.4) into another VM.

Win2008-R2:?? hostname=SRVAD-OLD, IP: 10.0.3.90
Ubuntu_18.04: hostname=SRVAD-NEW, IP: 10.0.3.100

The two machines are connected to the same virtual network and can ping 
each other.

Now, when I run samba-tool to join the domain, the join fails with this 
error:

======================================================
root at srvad-new:~# samba -V
Version 4.7.4-Ubuntu

root at srvad-new:~# samba-tool domain join samdom.local DC 
-U"SAMDOM.LOCAL\Administrator" --dns-backend=BIND9_DLZ 
--option="interfaces=eth_lan" --verbose

Finding a writeable DC for domain 'SAMDOM.LOCAL'
Found DC SRVAD-OLD.SAMDOM.LOCAL
Password for [SAMDOM.LOCAL\Administrator]:
workgroup is SAMDOM
realm is SAMDOM.LOCAL
Adding CN=SRVAD-NEW,OU=Domain Controllers,DC=SAMDOM,DC=IT
Adding 
CN=SRVAD-NEW,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=SAMDOM,DC=IT
Adding CN=NTDS 
Settings,CN=SRVAD-NEW,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=SAMDOM,DC=IT
Adding SPNs to CN=SRVAD-NEW,OU=Domain Controllers,DC=SAMDOM,DC=IT
Setting account password for SRVAD-NEW$
Enabling account
Adding DNS account CN=dns-SRVAD-NEW,CN=Users,DC=SAMDOM,DC=IT with dns/ SPN
Setting account password for dns-SRVAD-NEW
Calling bare provision
Looking up IPv4 addresses
Looking up IPv6 addresses
No IPv6 address will be assigned
Setting up secrets.ldb
Setting up the registry
Setting up the privileges database
Setting up idmap db
Setting up SAM db
Setting up sam.ldb partitions and settings
Setting up sam.ldb rootDSE
Pre-loading the Samba 4 and AD schema
A Kerberos configuration suitable for Samba AD has been generated at 
/var/lib/samba/private/krb5.conf
Provision OK for domain DN DC=SAMDOM,DC=IT
Starting replication
Schema-DN[CN=Schema,CN=Configuration,DC=SAMDOM,DC=IT] objects[402/1557] 
linked_values[0/0]
Schema-DN[CN=Schema,CN=Configuration,DC=SAMDOM,DC=IT] objects[804/1557] 
linked_values[0/0]
Schema-DN[CN=Schema,CN=Configuration,DC=SAMDOM,DC=IT] objects[1206/1557] 
linked_values[0/0]
Schema-DN[CN=Schema,CN=Configuration,DC=SAMDOM,DC=IT] objects[1553/1557] 
linked_values[0/0]
Analyze and apply schema objects
Partition[CN=Configuration,DC=SAMDOM,DC=IT] objects[402/2158] 
linked_values[0/20]
Partition[CN=Configuration,DC=SAMDOM,DC=IT] objects[804/2158] 
linked_values[0/20]
Partition[CN=Configuration,DC=SAMDOM,DC=IT] objects[1206/2158] 
linked_values[0/20]
Partition[CN=Configuration,DC=SAMDOM,DC=IT] objects[1608/2158] 
linked_values[0/20]
Partition[CN=Configuration,DC=SAMDOM,DC=IT] objects[1803/2158] 
linked_values[20/20]
Replicating critical objects from the base DN of the domain
Partition[DC=SAMDOM,DC=IT] objects[97/169] linked_values[0/0]
Partition[DC=SAMDOM,DC=IT] objects[396/1567] linked_values[0/0]
Partition[DC=SAMDOM,DC=IT] objects[798/1567] linked_values[0/0]
Partition[DC=SAMDOM,DC=IT] objects[908/1567] linked_values[0/0]
Done with always replicated NC (base, config, schema)
Replicating DC=DomainDnsZones,DC=SAMDOM,DC=IT
Partition[DC=DomainDnsZones,DC=SAMDOM,DC=IT] objects[21/21] 
linked_values[0/0]
Replicating DC=ForestDnsZones,DC=SAMDOM,DC=IT
Partition[DC=ForestDnsZones,DC=SAMDOM,DC=IT] objects[94/94] 
linked_values[0/0]
Exop on[CN=RID Manager$,CN=System,DC=SAMDOM,DC=IT] objects[3] 
linked_values[0]
Committing SAM database
Adding 1 remote DNS records for SRVAD-NEW.SAMDOM.LOCAL
Adding DNS A record SRVAD-NEW.SAMDOM.LOCAL for IPv4 IP: 10.0.3.100
Join failed - cleaning up
Deleted CN=RID Set,CN=SRVAD-NEW,OU=Domain Controllers,DC=SAMDOM,DC=IT
Deleted CN=SRVAD-NEW,OU=Domain Controllers,DC=SAMDOM,DC=IT
Deleted CN=dns-SRVAD-NEW,CN=Users,DC=SAMDOM,DC=IT
Deleted CN=NTDS 
Settings,CN=SRVAD-NEW,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=SAMDOM,DC=IT
Deleted 
CN=SRVAD-NEW,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=SAMDOM,DC=IT
ERROR(runtime): uncaught exception - (9003, 
'WERR_DNS_ERROR_RCODE_NAME_ERROR')
 ? File "/usr/lib/python2.7/dist-packages/samba/netcmd/__init__.py", 
line 176, in _run
 ??? return self.run(*args, **kwargs)
 ? File "/usr/lib/python2.7/dist-packages/samba/netcmd/domain.py", line 
661, in run
 ??? machinepass=machinepass, use_ntvfs=use_ntvfs, dns_backend=dns_backend)
 ? File "/usr/lib/python2.7/dist-packages/samba/join.py", line 1474, in 
join_DC
 ??? ctx.do_join()
 ? File "/usr/lib/python2.7/dist-packages/samba/join.py", line 1384, in 
do_join
 ??? ctx.join_add_dns_records()
 ? File "/usr/lib/python2.7/dist-packages/samba/join.py", line 1116, in 
join_add_dns_records
 ??? dns_partition=domaindns_zone_dn)
 ? File "/usr/lib/python2.7/dist-packages/samba/samdb.py", line 939, in 
dns_lookup
 ??? dns_partition=dns_partition)
======================================================

I've googled for'WERR_DNS_ERROR_RCODE_NAME_ERROR' but haven't found 
anything.
Hope someone could shed some light on this...