[Samba] join samba to an existing AD failed

Rowland Penny rpenny at samba.org
Fri Jul 6 08:42:33 UTC 2018 

On Fri, 6 Jul 2018 15:50:08 +0800 (CST)
Ryan via samba <samba at lists.samba.org> wrote:

> Hello,
> 
> I was trying to join a samba DC to an existing AD. But it failed when
> I used the command ‘samba-tool domain join euler.huawei.com DC ‘ to
> join it to the domain. Here’s the log:
> 
>  
> euler-2:/usr/custom #  samba-tool domain join euler.huawei.com DC
> --option='idmap_ldb:use rfc2307 = yes' -U vdsadmin at euler.huawei.com
> 
> Finding a writeable DC for domain 'euler.huawei.com'
> 
> Found DC euler-1.euler.huawei.com
> 
> Password for [vdsadmin at euler.huawei.com]:
> 
> workgroup is EULER
> 
> realm is euler.huawei.com
> 
> Adding CN=EULER-2,OU=Domain Controllers,DC=euler,DC=huawei,DC=com
> 
> Adding
> CN=EULER-2,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=euler,DC=huawei,DC=com
> 
> Adding CN=NTDS
> Settings,CN=EULER-2,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=euler,DC=huawei,DC=com
> 
> Join failed - cleaning up
> 
> Deleted CN=EULER-2,OU=Domain Controllers,DC=euler,DC=huawei,DC=com
> 
> Deleted
> CN=EULER-2,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=euler,DC=huawei,DC=com
> 
> ERROR(runtime): uncaught exception - (3221225653, '{Device Timeout}
> The specified I/O operation on %hs was not completed before the
> time-out period expired.')
> 
>   File "/usr/lib64/python2.7/site-packages/samba/netcmd/__init__.py",
> line 176, in _run
> 
>     return self.run(*args, **kwargs)
> 
>   File "/usr/lib64/python2.7/site-packages/samba/netcmd/domain.py",
> line 706, in run
> 
>     plaintext_secrets=plaintext_secrets)
> 
>   File "/usr/lib64/python2.7/site-packages/samba/join.py", line 1482,
> in join_DC
> 
>     ctx.do_join()
> 
>   File "/usr/lib64/python2.7/site-packages/samba/join.py", line 1381,
> in do_join
> 
>     ctx.join_add_objects()
> 
>   File "/usr/lib64/python2.7/site-packages/samba/join.py", line 644,
> in join_add_objects
> 
>     ctx.join_add_ntdsdsa()
> 
>   File "/usr/lib64/python2.7/site-packages/samba/join.py", line 575,
> in join_add_ntdsdsa
> 
>     ctx.DsAddEntry([rec])
> 
>   File "/usr/lib64/python2.7/site-packages/samba/join.py", line 470,
> in DsAddEntry
> 
>     ctx.drsuapi_connect()
> 
>   File "/usr/lib64/python2.7/site-packages/samba/join.py", line 448,
> in drsuapi_connect
> 
>     ctx.drsuapi = drsuapi.drsuapi(binding_string, ctx.lp, ctx.creds)
> 
> 
>  The samba version is 4.8.3.
> 
> The log is not like what is described in the samba wiki
> https://wiki.samba.org/index.php/Joining_a_Samba_DC_to_an_Existing_Active_Directory.
> Does any one know the reason and how to resolve it?
> 
> Thanks.
> Ryan

It seems to be possibly credentials related, does your admin user have
all the required permissions ?
Also, does it work if you use Administrator ?

What are you trying to join the new DC to ?

Rowland

More information about the samba mailing list