[Samba] Error joining Samba 4.7.4 DC to existing Win2008R2 domain

Claudio Nicora nicorac at yahoo.com
Fri Feb 23 08:52:47 UTC 2018 

Thanks for your help.

> On the Windows DC can you check that the A record is actually created?

Yes, it is, and it persists after join failure.
Another sign of presence of SRVAD-NEW on the old DC is the new computer 
account, created in "Domain controllers" folder in "Active Directory 
Users and Computers" at the beginning of join procedure then 
automatically removed just after the failure message.

 > Try with some additional debugging perhaps, using -d3

That's exactly what I meant with "shed some light"... that option should 
be mentioned in the "Joining a Samba DC to an Existing Active Directory" 
Wikipage ;)

Here's the new log:

============================================================
root at SRVAD-NEW:~# samba-tool domain join SAMDOM.LOCAL DC 
-U"SAMDOM.LOCAL\Administrator" --dns-backend=BIND9_DLZ 
--option="interfaces=eth_lan" --verbose -d3

lpcfg_load: refreshing parameters from /etc/samba/smb.conf
GENSEC backend 'gssapi_spnego' registered
GENSEC backend 'gssapi_krb5' registered
GENSEC backend 'gssapi_krb5_sasl' registered
GENSEC backend 'spnego' registered
GENSEC backend 'schannel' registered
GENSEC backend 'naclrpc_as_system' registered
GENSEC backend 'sasl-EXTERNAL' registered
GENSEC backend 'ntlmssp' registered
GENSEC backend 'ntlmssp_resume_ccache' registered
GENSEC backend 'http_basic' registered
GENSEC backend 'http_ntlm' registered
GENSEC backend 'krb5' registered
GENSEC backend 'fake_gssapi_krb5' registered
Finding a writeable DC for domain 'SAMDOM.LOCAL'
resolve_lmhosts: Attempting lmhosts lookup for name 
_ldap._tcp.SAMDOM.LOCAL<0x0>
Found DC SRVAD-OLD.SAMDOM.LOCAL
resolve_lmhosts: Attempting lmhosts lookup for name 
SRVAD-OLD.SAMDOM.LOCAL<0x20>
Password for [SAMDOM.LOCAL\Administrator]:
workgroup is SAMDOM
realm is SAMDOM.LOCAL
Adding CN=SRVAD-NEW,OU=Domain Controllers,DC=SAMDOM,DC=LOCAL
Adding 
CN=SRVAD-NEW,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=SAMDOM,DC=LOCAL
Adding CN=NTDS 
Settings,CN=SRVAD-NEW,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=SAMDOM,DC=LOCAL
Using binding ncacn_ip_tcp:SRVAD-OLD.SAMDOM.LOCAL[,seal]
resolve_lmhosts: Attempting lmhosts lookup for name 
SRVAD-OLD.SAMDOM.LOCAL<0x20>
resolve_lmhosts: Attempting lmhosts lookup for name 
SRVAD-OLD.SAMDOM.LOCAL<0x20>
Adding SPNs to CN=SRVAD-NEW,OU=Domain Controllers,DC=SAMDOM,DC=LOCAL
Setting account password for SRVAD-NEW$
Enabling account
Adding DNS account CN=dns-SRVAD-NEW,CN=Users,DC=SAMDOM,DC=LOCAL with 
dns/ SPN
Setting account password for dns-SRVAD-NEW
Calling bare provision
lpcfg_load: refreshing parameters from /etc/samba/smb.conf
Looking up IPv4 addresses
Looking up IPv6 addresses
No IPv6 address will be assigned
Setting up secrets.ldb
Setting up the registry
ldb_wrap open of hklm.ldb
Setting up the privileges database
Setting up idmap db
Setting up SAM db
Setting up sam.ldb partitions and settings
Setting up sam.ldb rootDSE
Pre-loading the Samba 4 and AD schema
partition_metadata: Migrating partition metadata: open of metadata.tdb 
gave: (null)
A Kerberos configuration suitable for Samba AD has been generated at 
/var/lib/samba/private/krb5.conf
Provision OK for domain DN DC=SAMDOM,DC=LOCAL
Starting replication
Using binding ncacn_ip_tcp:SRVAD-OLD.SAMDOM.LOCAL[,seal]
resolve_lmhosts: Attempting lmhosts lookup for name 
SRVAD-OLD.SAMDOM.LOCAL<0x20>
resolve_lmhosts: Attempting lmhosts lookup for name 
SRVAD-OLD.SAMDOM.LOCAL<0x20>
Schema-DN[CN=Schema,CN=Configuration,DC=SAMDOM,DC=LOCAL] 
objects[402/1557] linked_values[0/0]
Schema-DN[CN=Schema,CN=Configuration,DC=SAMDOM,DC=LOCAL] 
objects[804/1557] linked_values[0/0]
Schema-DN[CN=Schema,CN=Configuration,DC=SAMDOM,DC=LOCAL] 
objects[1206/1557] linked_values[0/0]
Schema-DN[CN=Schema,CN=Configuration,DC=SAMDOM,DC=LOCAL] 
objects[1553/1557] linked_values[0/0]
Analyze and apply schema objects
Discarding older DRS attribute update to objectClass on 
CN=Schema,CN=Configuration,DC=SAMDOM,DC=LOCAL from 
a9e55326-e32f-4da3-8baa-8cf29cbafded
Discarding older DRS attribute update to whenCreated on 
CN=Schema,CN=Configuration,DC=SAMDOM,DC=LOCAL from 
a9e55326-e32f-4da3-8baa-8cf29cbafded
Discarding older DRS attribute update to objectVersion on 
CN=Schema,CN=Configuration,DC=SAMDOM,DC=LOCAL from 
19f8865f-929c-4aa1-a8fb-bb23c80b9cd0
Discarding older DRS attribute update to showInAdvancedViewOnly on 
CN=Schema,CN=Configuration,DC=SAMDOM,DC=LOCAL from 
a9e55326-e32f-4da3-8baa-8cf29cbafded
Discarding older DRS attribute update to nTSecurityDescriptor on 
CN=Schema,CN=Configuration,DC=SAMDOM,DC=LOCAL from 
19f8865f-929c-4aa1-a8fb-bb23c80b9cd0
Discarding older DRS attribute update to name on 
CN=Schema,CN=Configuration,DC=SAMDOM,DC=LOCAL from 
a9e55326-e32f-4da3-8baa-8cf29cbafded
Discarding older DRS attribute update to fSMORoleOwner on 
CN=Schema,CN=Configuration,DC=SAMDOM,DC=LOCAL from 
19f8865f-929c-4aa1-a8fb-bb23c80b9cd0
Discarding older DRS attribute update to objectCategory on 
CN=Schema,CN=Configuration,DC=SAMDOM,DC=LOCAL from 
a9e55326-e32f-4da3-8baa-8cf29cbafded
Discarding older DRS attribute update to schemaInfo on 
CN=Schema,CN=Configuration,DC=SAMDOM,DC=LOCAL from 
5129d5e2-1df1-4299-bede-1eed9ff37869
Discarding older DRS attribute update to objectClass on 
CN=Schema,CN=Configuration,DC=SAMDOM,DC=LOCAL from 
a9e55326-e32f-4da3-8baa-8cf29cbafded
Discarding older DRS attribute update to whenCreated on 
CN=Schema,CN=Configuration,DC=SAMDOM,DC=LOCAL from 
a9e55326-e32f-4da3-8baa-8cf29cbafded
Discarding older DRS attribute update to objectVersion on 
CN=Schema,CN=Configuration,DC=SAMDOM,DC=LOCAL from 
19f8865f-929c-4aa1-a8fb-bb23c80b9cd0
Discarding older DRS attribute update to showInAdvancedViewOnly on 
CN=Schema,CN=Configuration,DC=SAMDOM,DC=LOCAL from 
a9e55326-e32f-4da3-8baa-8cf29cbafded
Discarding older DRS attribute update to nTSecurityDescriptor on 
CN=Schema,CN=Configuration,DC=SAMDOM,DC=LOCAL from 
19f8865f-929c-4aa1-a8fb-bb23c80b9cd0
Discarding older DRS attribute update to name on 
CN=Schema,CN=Configuration,DC=SAMDOM,DC=LOCAL from 
a9e55326-e32f-4da3-8baa-8cf29cbafded
Discarding older DRS attribute update to fSMORoleOwner on 
CN=Schema,CN=Configuration,DC=SAMDOM,DC=LOCAL from 
19f8865f-929c-4aa1-a8fb-bb23c80b9cd0
Discarding older DRS attribute update to objectCategory on 
CN=Schema,CN=Configuration,DC=SAMDOM,DC=LOCAL from 
a9e55326-e32f-4da3-8baa-8cf29cbafded
Discarding older DRS attribute update to schemaInfo on 
CN=Schema,CN=Configuration,DC=SAMDOM,DC=LOCAL from 
5129d5e2-1df1-4299-bede-1eed9ff37869
Discarding older DRS attribute update to objectClass on 
CN=Schema,CN=Configuration,DC=SAMDOM,DC=LOCAL from 
a9e55326-e32f-4da3-8baa-8cf29cbafded
Discarding older DRS attribute update to whenCreated on 
CN=Schema,CN=Configuration,DC=SAMDOM,DC=LOCAL from 
a9e55326-e32f-4da3-8baa-8cf29cbafded
Discarding older DRS attribute update to objectVersion on 
CN=Schema,CN=Configuration,DC=SAMDOM,DC=LOCAL from 
19f8865f-929c-4aa1-a8fb-bb23c80b9cd0
Discarding older DRS attribute update to showInAdvancedViewOnly on 
CN=Schema,CN=Configuration,DC=SAMDOM,DC=LOCAL from 
a9e55326-e32f-4da3-8baa-8cf29cbafded
Discarding older DRS attribute update to nTSecurityDescriptor on 
CN=Schema,CN=Configuration,DC=SAMDOM,DC=LOCAL from 
19f8865f-929c-4aa1-a8fb-bb23c80b9cd0
Discarding older DRS attribute update to name on 
CN=Schema,CN=Configuration,DC=SAMDOM,DC=LOCAL from 
a9e55326-e32f-4da3-8baa-8cf29cbafded
Discarding older DRS attribute update to fSMORoleOwner on 
CN=Schema,CN=Configuration,DC=SAMDOM,DC=LOCAL from 
19f8865f-929c-4aa1-a8fb-bb23c80b9cd0
Discarding older DRS attribute update to objectCategory on 
CN=Schema,CN=Configuration,DC=SAMDOM,DC=LOCAL from 
a9e55326-e32f-4da3-8baa-8cf29cbafded
Discarding older DRS attribute update to schemaInfo on 
CN=Schema,CN=Configuration,DC=SAMDOM,DC=LOCAL from 
5129d5e2-1df1-4299-bede-1eed9ff37869
Replicated 1553 objects (0 linked attributes) for 
CN=Schema,CN=Configuration,DC=SAMDOM,DC=LOCAL
Partition[CN=Configuration,DC=SAMDOM,DC=LOCAL] objects[402/2386] 
linked_values[0/20]
Replicated 402 objects (0 linked attributes) for 
CN=Configuration,DC=SAMDOM,DC=LOCAL
Partition[CN=Configuration,DC=SAMDOM,DC=LOCAL] objects[804/2386] 
linked_values[0/20]
Replicated 402 objects (0 linked attributes) for 
CN=Configuration,DC=SAMDOM,DC=LOCAL
Partition[CN=Configuration,DC=SAMDOM,DC=LOCAL] objects[1206/2386] 
linked_values[0/20]
Replicated 402 objects (0 linked attributes) for 
CN=Configuration,DC=SAMDOM,DC=LOCAL
Partition[CN=Configuration,DC=SAMDOM,DC=LOCAL] objects[1608/2386] 
linked_values[0/20]
Replicated 402 objects (0 linked attributes) for 
CN=Configuration,DC=SAMDOM,DC=LOCAL
Partition[CN=Configuration,DC=SAMDOM,DC=LOCAL] objects[1812/2386] 
linked_values[20/20]
Replicated 203 objects (20 linked attributes) for 
CN=Configuration,DC=SAMDOM,DC=LOCAL
Replicating critical objects from the base DN of the domain
Partition[DC=SAMDOM,DC=LOCAL] objects[97/169] linked_values[0/0]
Replicated 97 objects (0 linked attributes) for DC=SAMDOM,DC=LOCAL
Partition[DC=SAMDOM,DC=LOCAL] objects[396/1750] linked_values[0/0]
Replicated 299 objects (0 linked attributes) for DC=SAMDOM,DC=LOCAL
Partition[DC=SAMDOM,DC=LOCAL] objects[798/1750] linked_values[0/0]
Replicated 399 objects (0 linked attributes) for DC=SAMDOM,DC=LOCAL
Partition[DC=SAMDOM,DC=LOCAL] objects[917/1750] linked_values[0/0]
Replicated 119 objects (0 linked attributes) for DC=SAMDOM,DC=LOCAL
Done with always replicated NC (base, config, schema)
Replicating DC=DomainDnsZones,DC=SAMDOM,DC=LOCAL
Partition[DC=DomainDnsZones,DC=SAMDOM,DC=LOCAL] objects[21/21] 
linked_values[0/0]
Replicated 21 objects (0 linked attributes) for 
DC=DomainDnsZones,DC=SAMDOM,DC=LOCAL
Replicating DC=ForestDnsZones,DC=SAMDOM,DC=LOCAL
Partition[DC=ForestDnsZones,DC=SAMDOM,DC=LOCAL] objects[94/94] 
linked_values[0/0]
Replicated 94 objects (0 linked attributes) for 
DC=ForestDnsZones,DC=SAMDOM,DC=LOCAL
Exop on[CN=RID Manager$,CN=System,DC=SAMDOM,DC=LOCAL] objects[3] 
linked_values[0]
Discarding older DRS attribute update to objectClass on CN=RID 
Manager$,CN=System,DC=SAMDOM,DC=LOCAL from 
a9e55326-e32f-4da3-8baa-8cf29cbafded
Discarding older DRS attribute update to whenCreated on CN=RID 
Manager$,CN=System,DC=SAMDOM,DC=LOCAL from 
a9e55326-e32f-4da3-8baa-8cf29cbafded
Discarding older DRS attribute update to showInAdvancedViewOnly on 
CN=RID Manager$,CN=System,DC=SAMDOM,DC=LOCAL from 
a9e55326-e32f-4da3-8baa-8cf29cbafded
Discarding older DRS attribute update to nTSecurityDescriptor on CN=RID 
Manager$,CN=System,DC=SAMDOM,DC=LOCAL from 
a9e55326-e32f-4da3-8baa-8cf29cbafded
Discarding older DRS attribute update to name on CN=RID 
Manager$,CN=System,DC=SAMDOM,DC=LOCAL from 
a9e55326-e32f-4da3-8baa-8cf29cbafded
Discarding older DRS attribute update to fSMORoleOwner on CN=RID 
Manager$,CN=System,DC=SAMDOM,DC=LOCAL from 
19f8865f-929c-4aa1-a8fb-bb23c80b9cd0
Discarding older DRS attribute update to systemFlags on CN=RID 
Manager$,CN=System,DC=SAMDOM,DC=LOCAL from 
a9e55326-e32f-4da3-8baa-8cf29cbafded
Discarding older DRS attribute update to objectCategory on CN=RID 
Manager$,CN=System,DC=SAMDOM,DC=LOCAL from 
a9e55326-e32f-4da3-8baa-8cf29cbafded
Discarding older DRS attribute update to isCriticalSystemObject on 
CN=RID Manager$,CN=System,DC=SAMDOM,DC=LOCAL from 
a9e55326-e32f-4da3-8baa-8cf29cbafded
Discarding older DRS attribute update to objectClass on 
CN=SRVAD-NEW,OU=Domain Controllers,DC=SAMDOM,DC=LOCAL from 
5129d5e2-1df1-4299-bede-1eed9ff37869
Discarding older DRS attribute update to whenCreated on 
CN=SRVAD-NEW,OU=Domain Controllers,DC=SAMDOM,DC=LOCAL from 
5129d5e2-1df1-4299-bede-1eed9ff37869
Discarding older DRS attribute update to displayName on 
CN=SRVAD-NEW,OU=Domain Controllers,DC=SAMDOM,DC=LOCAL from 
5129d5e2-1df1-4299-bede-1eed9ff37869
Discarding older DRS attribute update to nTSecurityDescriptor on 
CN=SRVAD-NEW,OU=Domain Controllers,DC=SAMDOM,DC=LOCAL from 
5129d5e2-1df1-4299-bede-1eed9ff37869
Discarding older DRS attribute update to name on CN=SRVAD-NEW,OU=Domain 
Controllers,DC=SAMDOM,DC=LOCAL from 5129d5e2-1df1-4299-bede-1eed9ff37869
Discarding older DRS attribute update to userAccountControl on 
CN=SRVAD-NEW,OU=Domain Controllers,DC=SAMDOM,DC=LOCAL from 
5129d5e2-1df1-4299-bede-1eed9ff37869
Discarding older DRS attribute update to codePage on 
CN=SRVAD-NEW,OU=Domain Controllers,DC=SAMDOM,DC=LOCAL from 
5129d5e2-1df1-4299-bede-1eed9ff37869
Discarding older DRS attribute update to countryCode on 
CN=SRVAD-NEW,OU=Domain Controllers,DC=SAMDOM,DC=LOCAL from 
5129d5e2-1df1-4299-bede-1eed9ff37869
Discarding older DRS attribute update to dBCSPwd on 
CN=SRVAD-NEW,OU=Domain Controllers,DC=SAMDOM,DC=LOCAL from 
5129d5e2-1df1-4299-bede-1eed9ff37869
Discarding older DRS attribute update to localPolicyFlags on 
CN=SRVAD-NEW,OU=Domain Controllers,DC=SAMDOM,DC=LOCAL from 
5129d5e2-1df1-4299-bede-1eed9ff37869
Discarding older DRS attribute update to logonHours on 
CN=SRVAD-NEW,OU=Domain Controllers,DC=SAMDOM,DC=LOCAL from 
5129d5e2-1df1-4299-bede-1eed9ff37869
Discarding older DRS attribute update to unicodePwd on 
CN=SRVAD-NEW,OU=Domain Controllers,DC=SAMDOM,DC=LOCAL from 
5129d5e2-1df1-4299-bede-1eed9ff37869
Discarding older DRS attribute update to ntPwdHistory on 
CN=SRVAD-NEW,OU=Domain Controllers,DC=SAMDOM,DC=LOCAL from 
5129d5e2-1df1-4299-bede-1eed9ff37869
Discarding older DRS attribute update to pwdLastSet on 
CN=SRVAD-NEW,OU=Domain Controllers,DC=SAMDOM,DC=LOCAL from 
5129d5e2-1df1-4299-bede-1eed9ff37869
Discarding older DRS attribute update to primaryGroupID on 
CN=SRVAD-NEW,OU=Domain Controllers,DC=SAMDOM,DC=LOCAL from 
5129d5e2-1df1-4299-bede-1eed9ff37869
Discarding older DRS attribute update to supplementalCredentials on 
CN=SRVAD-NEW,OU=Domain Controllers,DC=SAMDOM,DC=LOCAL from 
5129d5e2-1df1-4299-bede-1eed9ff37869
Discarding older DRS attribute update to objectSid on 
CN=SRVAD-NEW,OU=Domain Controllers,DC=SAMDOM,DC=LOCAL from 
5129d5e2-1df1-4299-bede-1eed9ff37869
Discarding older DRS attribute update to accountExpires on 
CN=SRVAD-NEW,OU=Domain Controllers,DC=SAMDOM,DC=LOCAL from 
5129d5e2-1df1-4299-bede-1eed9ff37869
Discarding older DRS attribute update to lmPwdHistory on 
CN=SRVAD-NEW,OU=Domain Controllers,DC=SAMDOM,DC=LOCAL from 
5129d5e2-1df1-4299-bede-1eed9ff37869
Discarding older DRS attribute update to sAMAccountName on 
CN=SRVAD-NEW,OU=Domain Controllers,DC=SAMDOM,DC=LOCAL from 
5129d5e2-1df1-4299-bede-1eed9ff37869
Discarding older DRS attribute update to sAMAccountType on 
CN=SRVAD-NEW,OU=Domain Controllers,DC=SAMDOM,DC=LOCAL from 
5129d5e2-1df1-4299-bede-1eed9ff37869
Discarding older DRS attribute update to dNSHostName on 
CN=SRVAD-NEW,OU=Domain Controllers,DC=SAMDOM,DC=LOCAL from 
5129d5e2-1df1-4299-bede-1eed9ff37869
Discarding older DRS attribute update to servicePrincipalName on 
CN=SRVAD-NEW,OU=Domain Controllers,DC=SAMDOM,DC=LOCAL from 
5129d5e2-1df1-4299-bede-1eed9ff37869
Discarding older DRS attribute update to objectCategory on 
CN=SRVAD-NEW,OU=Domain Controllers,DC=SAMDOM,DC=LOCAL from 
5129d5e2-1df1-4299-bede-1eed9ff37869
Discarding older DRS attribute update to isCriticalSystemObject on 
CN=SRVAD-NEW,OU=Domain Controllers,DC=SAMDOM,DC=LOCAL from 
5129d5e2-1df1-4299-bede-1eed9ff37869
Discarding older DRS attribute update to msDS-SupportedEncryptionTypes 
on CN=SRVAD-NEW,OU=Domain Controllers,DC=SAMDOM,DC=LOCAL from 
5129d5e2-1df1-4299-bede-1eed9ff37869
Replicated 3 objects (0 linked attributes) for DC=SAMDOM,DC=LOCAL
Committing SAM database
Adding 1 remote DNS records for SRVAD-NEW.SAMDOM.LOCAL
Using binding ncacn_ip_tcp:SRVAD-OLD.SAMDOM.LOCAL[,sign]
resolve_lmhosts: Attempting lmhosts lookup for name 
SRVAD-OLD.SAMDOM.LOCAL<0x20>
resolve_lmhosts: Attempting lmhosts lookup for name 
SRVAD-OLD.SAMDOM.LOCAL<0x20>
Adding DNS A record SRVAD-NEW.SAMDOM.LOCAL for IPv4 IP: 10.0.3.100
Join failed - cleaning up
ldb_wrap open of secrets.ldb
Could not find machine account in secrets database: Failed to fetch 
machine account password for SAMDOM from both secrets.ldb (Could not 
find entry to match filter: 
'(&(flatname=SAMDOM)(objectclass=primaryDomain))' base: 'cn=Primary 
Domains': No such object: dsdb_search at 
../source4/dsdb/common/util.c:4636) and from 
/var/lib/samba/private/secrets.tdb: NT_STATUS_CANT_ACCESS_DOMAIN_INFO
Deleted CN=RID Set,CN=SRVAD-NEW,OU=Domain Controllers,DC=SAMDOM,DC=LOCAL
Deleted CN=SRVAD-NEW,OU=Domain Controllers,DC=SAMDOM,DC=LOCAL
Deleted CN=dns-SRVAD-NEW,CN=Users,DC=SAMDOM,DC=LOCAL
Deleted CN=NTDS 
Settings,CN=SRVAD-NEW,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=SAMDOM,DC=LOCAL
Deleted 
CN=SRVAD-NEW,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=SAMDOM,DC=LOCAL
ERROR(runtime): uncaught exception - (9003, 
'WERR_DNS_ERROR_RCODE_NAME_ERROR')
   File "/usr/lib/python2.7/dist-packages/samba/netcmd/__init__.py", 
line 176, in _run
     return self.run(*args, **kwargs)
   File "/usr/lib/python2.7/dist-packages/samba/netcmd/domain.py", line 
661, in run
     machinepass=machinepass, use_ntvfs=use_ntvfs, dns_backend=dns_backend)
   File "/usr/lib/python2.7/dist-packages/samba/join.py", line 1474, in 
join_DC
     ctx.do_join()
   File "/usr/lib/python2.7/dist-packages/samba/join.py", line 1384, in 
do_join
     ctx.join_add_dns_records()
   File "/usr/lib/python2.7/dist-packages/samba/join.py", line 1116, in 
join_add_dns_records
     dns_partition=domaindns_zone_dn)
   File "/usr/lib/python2.7/dist-packages/samba/samdb.py", line 939, in 
dns_lookup
     dns_partition=dns_partition)
============================================================


This caught my attention, but I don't know how to fix it:
===
Could not find machine account in secrets database: Failed to fetch 
machine account password for SAMDOM from both secrets.ldb (Could not 
find entry to match filter: 
'(&(flatname=SAMDOM)(objectclass=primaryDomain))' base: 'cn=Primary 
Domains': No such object: dsdb_search at 
../source4/dsdb/common/util.c:4636) and from 
/var/lib/samba/private/secrets.tdb: NT_STATUS_CANT_ACCESS_DOMAIN_INFO
===

Thanks again for your help.



Il 22/02/2018 23:09, Garming Sam via samba ha scritto:
> On the Windows DC can you check that the A record is actually created?
>
>> Adding DNS A record SRVAD-NEW.SAMDOM.LOCAL for IPv4 IP: 10.0.3.100
> It appears that the record is added over RPC, but then fails to find it
> over LDAP. Presumably they are to the same domain controller, so you
> should be able to see if there is a record in the domain DNS zone. Maybe
> there is a race here, but that seems a little unlikely. Alternatively,
> it might be storing the record in a place we do not expect. Try with
> some additional debugging perhaps, using -d3 for instance and see if
> there's any more detail on the DNS error.
>
> Cheers,
>
> Garming

More information about the samba mailing list