[Samba] Error joining Samba 4.7.4 DC to existing Win2008R2 domain

Claudio Nicora nicorac at yahoo.com
Sun Feb 25 11:28:39 UTC 2018


Tried again to join, now with full cleanup of /var/lib/samba/private 
folder on new server... same error.

Anyone have an idea of what's going wrong?


Il 23/02/2018 09:52, Claudio Nicora via samba ha scritto:
> Thanks for your help.
>
>> On the Windows DC can you check that the A record is actually created?
>
> Yes, it is, and it persists after join failure.
> Another sign of presence of SRVAD-NEW on the old DC is the new 
> computer account, created in "Domain controllers" folder in "Active 
> Directory Users and Computers" at the beginning of join procedure then 
> automatically removed just after the failure message.
>
> > Try with some additional debugging perhaps, using -d3
>
> That's exactly what I meant with "shed some light"... that option 
> should be mentioned in the "Joining a Samba DC to an Existing Active 
> Directory" Wikipage ;)
>
> Here's the new log:
>
> ============================================================
> root at SRVAD-NEW:~# samba-tool domain join SAMDOM.LOCAL DC 
> -U"SAMDOM.LOCAL\Administrator" --dns-backend=BIND9_DLZ 
> --option="interfaces=eth_lan" --verbose -d3
>
> lpcfg_load: refreshing parameters from /etc/samba/smb.conf
> GENSEC backend 'gssapi_spnego' registered
> GENSEC backend 'gssapi_krb5' registered
> GENSEC backend 'gssapi_krb5_sasl' registered
> GENSEC backend 'spnego' registered
> GENSEC backend 'schannel' registered
> GENSEC backend 'naclrpc_as_system' registered
> GENSEC backend 'sasl-EXTERNAL' registered
> GENSEC backend 'ntlmssp' registered
> GENSEC backend 'ntlmssp_resume_ccache' registered
> GENSEC backend 'http_basic' registered
> GENSEC backend 'http_ntlm' registered
> GENSEC backend 'krb5' registered
> GENSEC backend 'fake_gssapi_krb5' registered
> Finding a writeable DC for domain 'SAMDOM.LOCAL'
> resolve_lmhosts: Attempting lmhosts lookup for name 
> _ldap._tcp.SAMDOM.LOCAL<0x0>
> Found DC SRVAD-OLD.SAMDOM.LOCAL
> resolve_lmhosts: Attempting lmhosts lookup for name 
> SRVAD-OLD.SAMDOM.LOCAL<0x20>
> Password for [SAMDOM.LOCAL\Administrator]:
> workgroup is SAMDOM
> realm is SAMDOM.LOCAL
> Adding CN=SRVAD-NEW,OU=Domain Controllers,DC=SAMDOM,DC=LOCAL
> Adding 
> CN=SRVAD-NEW,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=SAMDOM,DC=LOCAL
> Adding CN=NTDS 
> Settings,CN=SRVAD-NEW,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=SAMDOM,DC=LOCAL
> Using binding ncacn_ip_tcp:SRVAD-OLD.SAMDOM.LOCAL[,seal]
> resolve_lmhosts: Attempting lmhosts lookup for name 
> SRVAD-OLD.SAMDOM.LOCAL<0x20>
> resolve_lmhosts: Attempting lmhosts lookup for name 
> SRVAD-OLD.SAMDOM.LOCAL<0x20>
> Adding SPNs to CN=SRVAD-NEW,OU=Domain Controllers,DC=SAMDOM,DC=LOCAL
> Setting account password for SRVAD-NEW$
> Enabling account
> Adding DNS account CN=dns-SRVAD-NEW,CN=Users,DC=SAMDOM,DC=LOCAL with 
> dns/ SPN
> Setting account password for dns-SRVAD-NEW
> Calling bare provision
> lpcfg_load: refreshing parameters from /etc/samba/smb.conf
> Looking up IPv4 addresses
> Looking up IPv6 addresses
> No IPv6 address will be assigned
> Setting up secrets.ldb
> Setting up the registry
> ldb_wrap open of hklm.ldb
> Setting up the privileges database
> Setting up idmap db
> Setting up SAM db
> Setting up sam.ldb partitions and settings
> Setting up sam.ldb rootDSE
> Pre-loading the Samba 4 and AD schema
> partition_metadata: Migrating partition metadata: open of metadata.tdb 
> gave: (null)
> A Kerberos configuration suitable for Samba AD has been generated at 
> /var/lib/samba/private/krb5.conf
> Provision OK for domain DN DC=SAMDOM,DC=LOCAL
> Starting replication
> Using binding ncacn_ip_tcp:SRVAD-OLD.SAMDOM.LOCAL[,seal]
> resolve_lmhosts: Attempting lmhosts lookup for name 
> SRVAD-OLD.SAMDOM.LOCAL<0x20>
> resolve_lmhosts: Attempting lmhosts lookup for name 
> SRVAD-OLD.SAMDOM.LOCAL<0x20>
> Schema-DN[CN=Schema,CN=Configuration,DC=SAMDOM,DC=LOCAL] 
> objects[402/1557] linked_values[0/0]
> Schema-DN[CN=Schema,CN=Configuration,DC=SAMDOM,DC=LOCAL] 
> objects[804/1557] linked_values[0/0]
> Schema-DN[CN=Schema,CN=Configuration,DC=SAMDOM,DC=LOCAL] 
> objects[1206/1557] linked_values[0/0]
> Schema-DN[CN=Schema,CN=Configuration,DC=SAMDOM,DC=LOCAL] 
> objects[1553/1557] linked_values[0/0]
> Analyze and apply schema objects
> Discarding older DRS attribute update to objectClass on 
> CN=Schema,CN=Configuration,DC=SAMDOM,DC=LOCAL from 
> a9e55326-e32f-4da3-8baa-8cf29cbafded
> Discarding older DRS attribute update to whenCreated on 
> CN=Schema,CN=Configuration,DC=SAMDOM,DC=LOCAL from 
> a9e55326-e32f-4da3-8baa-8cf29cbafded
> Discarding older DRS attribute update to objectVersion on 
> CN=Schema,CN=Configuration,DC=SAMDOM,DC=LOCAL from 
> 19f8865f-929c-4aa1-a8fb-bb23c80b9cd0
> Discarding older DRS attribute update to showInAdvancedViewOnly on 
> CN=Schema,CN=Configuration,DC=SAMDOM,DC=LOCAL from 
> a9e55326-e32f-4da3-8baa-8cf29cbafded
> Discarding older DRS attribute update to nTSecurityDescriptor on 
> CN=Schema,CN=Configuration,DC=SAMDOM,DC=LOCAL from 
> 19f8865f-929c-4aa1-a8fb-bb23c80b9cd0
> Discarding older DRS attribute update to name on 
> CN=Schema,CN=Configuration,DC=SAMDOM,DC=LOCAL from 
> a9e55326-e32f-4da3-8baa-8cf29cbafded
> Discarding older DRS attribute update to fSMORoleOwner on 
> CN=Schema,CN=Configuration,DC=SAMDOM,DC=LOCAL from 
> 19f8865f-929c-4aa1-a8fb-bb23c80b9cd0
> Discarding older DRS attribute update to objectCategory on 
> CN=Schema,CN=Configuration,DC=SAMDOM,DC=LOCAL from 
> a9e55326-e32f-4da3-8baa-8cf29cbafded
> Discarding older DRS attribute update to schemaInfo on 
> CN=Schema,CN=Configuration,DC=SAMDOM,DC=LOCAL from 
> 5129d5e2-1df1-4299-bede-1eed9ff37869
> Discarding older DRS attribute update to objectClass on 
> CN=Schema,CN=Configuration,DC=SAMDOM,DC=LOCAL from 
> a9e55326-e32f-4da3-8baa-8cf29cbafded
> Discarding older DRS attribute update to whenCreated on 
> CN=Schema,CN=Configuration,DC=SAMDOM,DC=LOCAL from 
> a9e55326-e32f-4da3-8baa-8cf29cbafded
> Discarding older DRS attribute update to objectVersion on 
> CN=Schema,CN=Configuration,DC=SAMDOM,DC=LOCAL from 
> 19f8865f-929c-4aa1-a8fb-bb23c80b9cd0
> Discarding older DRS attribute update to showInAdvancedViewOnly on 
> CN=Schema,CN=Configuration,DC=SAMDOM,DC=LOCAL from 
> a9e55326-e32f-4da3-8baa-8cf29cbafded
> Discarding older DRS attribute update to nTSecurityDescriptor on 
> CN=Schema,CN=Configuration,DC=SAMDOM,DC=LOCAL from 
> 19f8865f-929c-4aa1-a8fb-bb23c80b9cd0
> Discarding older DRS attribute update to name on 
> CN=Schema,CN=Configuration,DC=SAMDOM,DC=LOCAL from 
> a9e55326-e32f-4da3-8baa-8cf29cbafded
> Discarding older DRS attribute update to fSMORoleOwner on 
> CN=Schema,CN=Configuration,DC=SAMDOM,DC=LOCAL from 
> 19f8865f-929c-4aa1-a8fb-bb23c80b9cd0
> Discarding older DRS attribute update to objectCategory on 
> CN=Schema,CN=Configuration,DC=SAMDOM,DC=LOCAL from 
> a9e55326-e32f-4da3-8baa-8cf29cbafded
> Discarding older DRS attribute update to schemaInfo on 
> CN=Schema,CN=Configuration,DC=SAMDOM,DC=LOCAL from 
> 5129d5e2-1df1-4299-bede-1eed9ff37869
> Discarding older DRS attribute update to objectClass on 
> CN=Schema,CN=Configuration,DC=SAMDOM,DC=LOCAL from 
> a9e55326-e32f-4da3-8baa-8cf29cbafded
> Discarding older DRS attribute update to whenCreated on 
> CN=Schema,CN=Configuration,DC=SAMDOM,DC=LOCAL from 
> a9e55326-e32f-4da3-8baa-8cf29cbafded
> Discarding older DRS attribute update to objectVersion on 
> CN=Schema,CN=Configuration,DC=SAMDOM,DC=LOCAL from 
> 19f8865f-929c-4aa1-a8fb-bb23c80b9cd0
> Discarding older DRS attribute update to showInAdvancedViewOnly on 
> CN=Schema,CN=Configuration,DC=SAMDOM,DC=LOCAL from 
> a9e55326-e32f-4da3-8baa-8cf29cbafded
> Discarding older DRS attribute update to nTSecurityDescriptor on 
> CN=Schema,CN=Configuration,DC=SAMDOM,DC=LOCAL from 
> 19f8865f-929c-4aa1-a8fb-bb23c80b9cd0
> Discarding older DRS attribute update to name on 
> CN=Schema,CN=Configuration,DC=SAMDOM,DC=LOCAL from 
> a9e55326-e32f-4da3-8baa-8cf29cbafded
> Discarding older DRS attribute update to fSMORoleOwner on 
> CN=Schema,CN=Configuration,DC=SAMDOM,DC=LOCAL from 
> 19f8865f-929c-4aa1-a8fb-bb23c80b9cd0
> Discarding older DRS attribute update to objectCategory on 
> CN=Schema,CN=Configuration,DC=SAMDOM,DC=LOCAL from 
> a9e55326-e32f-4da3-8baa-8cf29cbafded
> Discarding older DRS attribute update to schemaInfo on 
> CN=Schema,CN=Configuration,DC=SAMDOM,DC=LOCAL from 
> 5129d5e2-1df1-4299-bede-1eed9ff37869
> Replicated 1553 objects (0 linked attributes) for 
> CN=Schema,CN=Configuration,DC=SAMDOM,DC=LOCAL
> Partition[CN=Configuration,DC=SAMDOM,DC=LOCAL] objects[402/2386] 
> linked_values[0/20]
> Replicated 402 objects (0 linked attributes) for 
> CN=Configuration,DC=SAMDOM,DC=LOCAL
> Partition[CN=Configuration,DC=SAMDOM,DC=LOCAL] objects[804/2386] 
> linked_values[0/20]
> Replicated 402 objects (0 linked attributes) for 
> CN=Configuration,DC=SAMDOM,DC=LOCAL
> Partition[CN=Configuration,DC=SAMDOM,DC=LOCAL] objects[1206/2386] 
> linked_values[0/20]
> Replicated 402 objects (0 linked attributes) for 
> CN=Configuration,DC=SAMDOM,DC=LOCAL
> Partition[CN=Configuration,DC=SAMDOM,DC=LOCAL] objects[1608/2386] 
> linked_values[0/20]
> Replicated 402 objects (0 linked attributes) for 
> CN=Configuration,DC=SAMDOM,DC=LOCAL
> Partition[CN=Configuration,DC=SAMDOM,DC=LOCAL] objects[1812/2386] 
> linked_values[20/20]
> Replicated 203 objects (20 linked attributes) for 
> CN=Configuration,DC=SAMDOM,DC=LOCAL
> Replicating critical objects from the base DN of the domain
> Partition[DC=SAMDOM,DC=LOCAL] objects[97/169] linked_values[0/0]
> Replicated 97 objects (0 linked attributes) for DC=SAMDOM,DC=LOCAL
> Partition[DC=SAMDOM,DC=LOCAL] objects[396/1750] linked_values[0/0]
> Replicated 299 objects (0 linked attributes) for DC=SAMDOM,DC=LOCAL
> Partition[DC=SAMDOM,DC=LOCAL] objects[798/1750] linked_values[0/0]
> Replicated 399 objects (0 linked attributes) for DC=SAMDOM,DC=LOCAL
> Partition[DC=SAMDOM,DC=LOCAL] objects[917/1750] linked_values[0/0]
> Replicated 119 objects (0 linked attributes) for DC=SAMDOM,DC=LOCAL
> Done with always replicated NC (base, config, schema)
> Replicating DC=DomainDnsZones,DC=SAMDOM,DC=LOCAL
> Partition[DC=DomainDnsZones,DC=SAMDOM,DC=LOCAL] objects[21/21] 
> linked_values[0/0]
> Replicated 21 objects (0 linked attributes) for 
> DC=DomainDnsZones,DC=SAMDOM,DC=LOCAL
> Replicating DC=ForestDnsZones,DC=SAMDOM,DC=LOCAL
> Partition[DC=ForestDnsZones,DC=SAMDOM,DC=LOCAL] objects[94/94] 
> linked_values[0/0]
> Replicated 94 objects (0 linked attributes) for 
> DC=ForestDnsZones,DC=SAMDOM,DC=LOCAL
> Exop on[CN=RID Manager$,CN=System,DC=SAMDOM,DC=LOCAL] objects[3] 
> linked_values[0]
> Discarding older DRS attribute update to objectClass on CN=RID 
> Manager$,CN=System,DC=SAMDOM,DC=LOCAL from 
> a9e55326-e32f-4da3-8baa-8cf29cbafded
> Discarding older DRS attribute update to whenCreated on CN=RID 
> Manager$,CN=System,DC=SAMDOM,DC=LOCAL from 
> a9e55326-e32f-4da3-8baa-8cf29cbafded
> Discarding older DRS attribute update to showInAdvancedViewOnly on 
> CN=RID Manager$,CN=System,DC=SAMDOM,DC=LOCAL from 
> a9e55326-e32f-4da3-8baa-8cf29cbafded
> Discarding older DRS attribute update to nTSecurityDescriptor on 
> CN=RID Manager$,CN=System,DC=SAMDOM,DC=LOCAL from 
> a9e55326-e32f-4da3-8baa-8cf29cbafded
> Discarding older DRS attribute update to name on CN=RID 
> Manager$,CN=System,DC=SAMDOM,DC=LOCAL from 
> a9e55326-e32f-4da3-8baa-8cf29cbafded
> Discarding older DRS attribute update to fSMORoleOwner on CN=RID 
> Manager$,CN=System,DC=SAMDOM,DC=LOCAL from 
> 19f8865f-929c-4aa1-a8fb-bb23c80b9cd0
> Discarding older DRS attribute update to systemFlags on CN=RID 
> Manager$,CN=System,DC=SAMDOM,DC=LOCAL from 
> a9e55326-e32f-4da3-8baa-8cf29cbafded
> Discarding older DRS attribute update to objectCategory on CN=RID 
> Manager$,CN=System,DC=SAMDOM,DC=LOCAL from 
> a9e55326-e32f-4da3-8baa-8cf29cbafded
> Discarding older DRS attribute update to isCriticalSystemObject on 
> CN=RID Manager$,CN=System,DC=SAMDOM,DC=LOCAL from 
> a9e55326-e32f-4da3-8baa-8cf29cbafded
> Discarding older DRS attribute update to objectClass on 
> CN=SRVAD-NEW,OU=Domain Controllers,DC=SAMDOM,DC=LOCAL from 
> 5129d5e2-1df1-4299-bede-1eed9ff37869
> Discarding older DRS attribute update to whenCreated on 
> CN=SRVAD-NEW,OU=Domain Controllers,DC=SAMDOM,DC=LOCAL from 
> 5129d5e2-1df1-4299-bede-1eed9ff37869
> Discarding older DRS attribute update to displayName on 
> CN=SRVAD-NEW,OU=Domain Controllers,DC=SAMDOM,DC=LOCAL from 
> 5129d5e2-1df1-4299-bede-1eed9ff37869
> Discarding older DRS attribute update to nTSecurityDescriptor on 
> CN=SRVAD-NEW,OU=Domain Controllers,DC=SAMDOM,DC=LOCAL from 
> 5129d5e2-1df1-4299-bede-1eed9ff37869
> Discarding older DRS attribute update to name on 
> CN=SRVAD-NEW,OU=Domain Controllers,DC=SAMDOM,DC=LOCAL from 
> 5129d5e2-1df1-4299-bede-1eed9ff37869
> Discarding older DRS attribute update to userAccountControl on 
> CN=SRVAD-NEW,OU=Domain Controllers,DC=SAMDOM,DC=LOCAL from 
> 5129d5e2-1df1-4299-bede-1eed9ff37869
> Discarding older DRS attribute update to codePage on 
> CN=SRVAD-NEW,OU=Domain Controllers,DC=SAMDOM,DC=LOCAL from 
> 5129d5e2-1df1-4299-bede-1eed9ff37869
> Discarding older DRS attribute update to countryCode on 
> CN=SRVAD-NEW,OU=Domain Controllers,DC=SAMDOM,DC=LOCAL from 
> 5129d5e2-1df1-4299-bede-1eed9ff37869
> Discarding older DRS attribute update to dBCSPwd on 
> CN=SRVAD-NEW,OU=Domain Controllers,DC=SAMDOM,DC=LOCAL from 
> 5129d5e2-1df1-4299-bede-1eed9ff37869
> Discarding older DRS attribute update to localPolicyFlags on 
> CN=SRVAD-NEW,OU=Domain Controllers,DC=SAMDOM,DC=LOCAL from 
> 5129d5e2-1df1-4299-bede-1eed9ff37869
> Discarding older DRS attribute update to logonHours on 
> CN=SRVAD-NEW,OU=Domain Controllers,DC=SAMDOM,DC=LOCAL from 
> 5129d5e2-1df1-4299-bede-1eed9ff37869
> Discarding older DRS attribute update to unicodePwd on 
> CN=SRVAD-NEW,OU=Domain Controllers,DC=SAMDOM,DC=LOCAL from 
> 5129d5e2-1df1-4299-bede-1eed9ff37869
> Discarding older DRS attribute update to ntPwdHistory on 
> CN=SRVAD-NEW,OU=Domain Controllers,DC=SAMDOM,DC=LOCAL from 
> 5129d5e2-1df1-4299-bede-1eed9ff37869
> Discarding older DRS attribute update to pwdLastSet on 
> CN=SRVAD-NEW,OU=Domain Controllers,DC=SAMDOM,DC=LOCAL from 
> 5129d5e2-1df1-4299-bede-1eed9ff37869
> Discarding older DRS attribute update to primaryGroupID on 
> CN=SRVAD-NEW,OU=Domain Controllers,DC=SAMDOM,DC=LOCAL from 
> 5129d5e2-1df1-4299-bede-1eed9ff37869
> Discarding older DRS attribute update to supplementalCredentials on 
> CN=SRVAD-NEW,OU=Domain Controllers,DC=SAMDOM,DC=LOCAL from 
> 5129d5e2-1df1-4299-bede-1eed9ff37869
> Discarding older DRS attribute update to objectSid on 
> CN=SRVAD-NEW,OU=Domain Controllers,DC=SAMDOM,DC=LOCAL from 
> 5129d5e2-1df1-4299-bede-1eed9ff37869
> Discarding older DRS attribute update to accountExpires on 
> CN=SRVAD-NEW,OU=Domain Controllers,DC=SAMDOM,DC=LOCAL from 
> 5129d5e2-1df1-4299-bede-1eed9ff37869
> Discarding older DRS attribute update to lmPwdHistory on 
> CN=SRVAD-NEW,OU=Domain Controllers,DC=SAMDOM,DC=LOCAL from 
> 5129d5e2-1df1-4299-bede-1eed9ff37869
> Discarding older DRS attribute update to sAMAccountName on 
> CN=SRVAD-NEW,OU=Domain Controllers,DC=SAMDOM,DC=LOCAL from 
> 5129d5e2-1df1-4299-bede-1eed9ff37869
> Discarding older DRS attribute update to sAMAccountType on 
> CN=SRVAD-NEW,OU=Domain Controllers,DC=SAMDOM,DC=LOCAL from 
> 5129d5e2-1df1-4299-bede-1eed9ff37869
> Discarding older DRS attribute update to dNSHostName on 
> CN=SRVAD-NEW,OU=Domain Controllers,DC=SAMDOM,DC=LOCAL from 
> 5129d5e2-1df1-4299-bede-1eed9ff37869
> Discarding older DRS attribute update to servicePrincipalName on 
> CN=SRVAD-NEW,OU=Domain Controllers,DC=SAMDOM,DC=LOCAL from 
> 5129d5e2-1df1-4299-bede-1eed9ff37869
> Discarding older DRS attribute update to objectCategory on 
> CN=SRVAD-NEW,OU=Domain Controllers,DC=SAMDOM,DC=LOCAL from 
> 5129d5e2-1df1-4299-bede-1eed9ff37869
> Discarding older DRS attribute update to isCriticalSystemObject on 
> CN=SRVAD-NEW,OU=Domain Controllers,DC=SAMDOM,DC=LOCAL from 
> 5129d5e2-1df1-4299-bede-1eed9ff37869
> Discarding older DRS attribute update to msDS-SupportedEncryptionTypes 
> on CN=SRVAD-NEW,OU=Domain Controllers,DC=SAMDOM,DC=LOCAL from 
> 5129d5e2-1df1-4299-bede-1eed9ff37869
> Replicated 3 objects (0 linked attributes) for DC=SAMDOM,DC=LOCAL
> Committing SAM database
> Adding 1 remote DNS records for SRVAD-NEW.SAMDOM.LOCAL
> Using binding ncacn_ip_tcp:SRVAD-OLD.SAMDOM.LOCAL[,sign]
> resolve_lmhosts: Attempting lmhosts lookup for name 
> SRVAD-OLD.SAMDOM.LOCAL<0x20>
> resolve_lmhosts: Attempting lmhosts lookup for name 
> SRVAD-OLD.SAMDOM.LOCAL<0x20>
> Adding DNS A record SRVAD-NEW.SAMDOM.LOCAL for IPv4 IP: 10.0.3.100
> Join failed - cleaning up
> ldb_wrap open of secrets.ldb
> Could not find machine account in secrets database: Failed to fetch 
> machine account password for SAMDOM from both secrets.ldb (Could not 
> find entry to match filter: 
> '(&(flatname=SAMDOM)(objectclass=primaryDomain))' base: 'cn=Primary 
> Domains': No such object: dsdb_search at 
> ../source4/dsdb/common/util.c:4636) and from 
> /var/lib/samba/private/secrets.tdb: NT_STATUS_CANT_ACCESS_DOMAIN_INFO
> Deleted CN=RID Set,CN=SRVAD-NEW,OU=Domain Controllers,DC=SAMDOM,DC=LOCAL
> Deleted CN=SRVAD-NEW,OU=Domain Controllers,DC=SAMDOM,DC=LOCAL
> Deleted CN=dns-SRVAD-NEW,CN=Users,DC=SAMDOM,DC=LOCAL
> Deleted CN=NTDS 
> Settings,CN=SRVAD-NEW,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=SAMDOM,DC=LOCAL
> Deleted 
> CN=SRVAD-NEW,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=SAMDOM,DC=LOCAL
> ERROR(runtime): uncaught exception - (9003, 
> 'WERR_DNS_ERROR_RCODE_NAME_ERROR')
>   File "/usr/lib/python2.7/dist-packages/samba/netcmd/__init__.py", 
> line 176, in _run
>     return self.run(*args, **kwargs)
>   File "/usr/lib/python2.7/dist-packages/samba/netcmd/domain.py", line 
> 661, in run
>     machinepass=machinepass, use_ntvfs=use_ntvfs, 
> dns_backend=dns_backend)
>   File "/usr/lib/python2.7/dist-packages/samba/join.py", line 1474, in 
> join_DC
>     ctx.do_join()
>   File "/usr/lib/python2.7/dist-packages/samba/join.py", line 1384, in 
> do_join
>     ctx.join_add_dns_records()
>   File "/usr/lib/python2.7/dist-packages/samba/join.py", line 1116, in 
> join_add_dns_records
>     dns_partition=domaindns_zone_dn)
>   File "/usr/lib/python2.7/dist-packages/samba/samdb.py", line 939, in 
> dns_lookup
>     dns_partition=dns_partition)
> ============================================================
>
>
> This caught my attention, but I don't know how to fix it:
> ===
> Could not find machine account in secrets database: Failed to fetch 
> machine account password for SAMDOM from both secrets.ldb (Could not 
> find entry to match filter: 
> '(&(flatname=SAMDOM)(objectclass=primaryDomain))' base: 'cn=Primary 
> Domains': No such object: dsdb_search at 
> ../source4/dsdb/common/util.c:4636) and from 
> /var/lib/samba/private/secrets.tdb: NT_STATUS_CANT_ACCESS_DOMAIN_INFO
> ===
>
> Thanks again for your help.
>
>
>
> Il 22/02/2018 23:09, Garming Sam via samba ha scritto:
>> On the Windows DC can you check that the A record is actually created?
>>
>>> Adding DNS A record SRVAD-NEW.SAMDOM.LOCAL for IPv4 IP: 10.0.3.100
>> It appears that the record is added over RPC, but then fails to find it
>> over LDAP. Presumably they are to the same domain controller, so you
>> should be able to see if there is a record in the domain DNS zone. Maybe
>> there is a race here, but that seems a little unlikely. Alternatively,
>> it might be storing the record in a place we do not expect. Try with
>> some additional debugging perhaps, using -d3 for instance and see if
>> there's any more detail on the DNS error.
>>
>> Cheers,
>>
>> Garming
>
>




More information about the samba mailing list