[Samba] join samba to an existing AD failed
Ryan
ryanyang51 at 163.com
Fri Jul 6 10:04:44 UTC 2018
The user vdsadmin has been add to domain administrators group when I built my domain. It should have all required permissions, I think.
I want to join the new DC to a AD that also based on samba 4.8.3. The new DC and the existing AD are both samba 4.8.3 installing on centos 7.1.
>On Fri, 6 Jul 2018 15:50:08 +0800 (CST)
>Ryan via samba <samba at lists.samba.org> wrote:
>
>> Hello,
>>
>> I was trying to join a samba DC to an existing AD. But it failed when
>> I used the command ‘samba-tool domain join euler.huawei.com DC ‘ to
>> join it to the domain. Here’s the log:
>>
>>
>> euler-2:/usr/custom # samba-tool domain join euler.huawei.com DC
>> --option='idmap_ldb:use rfc2307 = yes' -U vdsadmin at euler.huawei.com
>>
>> Finding a writeable DC for domain 'euler.huawei.com'
>>
>> Found DC euler-1.euler.huawei.com
>>
>> Password for [vdsadmin at euler.huawei.com]:
>>
>> workgroup is EULER
>>
>> realm is euler.huawei.com
>>
>> Adding CN=EULER-2,OU=Domain Controllers,DC=euler,DC=huawei,DC=com
>>
>> Adding
>> CN=EULER-2,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=euler,DC=huawei,DC=com
>>
>> Adding CN=NTDS
>> Settings,CN=EULER-2,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=euler,DC=huawei,DC=com
>>
>> Join failed - cleaning up
>>
>> Deleted CN=EULER-2,OU=Domain Controllers,DC=euler,DC=huawei,DC=com
>>
>> Deleted
>> CN=EULER-2,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=euler,DC=huawei,DC=com
>>
>> ERROR(runtime): uncaught exception - (3221225653, '{Device Timeout}
>> The specified I/O operation on %hs was not completed before the
>> time-out period expired.')
>>
>> File "/usr/lib64/python2.7/site-packages/samba/netcmd/__init__.py",
>> line 176, in _run
>>
>> return self.run(*args, **kwargs)
>>
>> File "/usr/lib64/python2.7/site-packages/samba/netcmd/domain.py",
>> line 706, in run
>>
>> plaintext_secrets=plaintext_secrets)
>>
>> File "/usr/lib64/python2.7/site-packages/samba/join.py", line 1482,
>> in join_DC
>>
>> ctx.do_join()
>>
>> File "/usr/lib64/python2.7/site-packages/samba/join.py", line 1381,
>> in do_join
>>
>> ctx.join_add_objects()
>>
>> File "/usr/lib64/python2.7/site-packages/samba/join.py", line 644,
>> in join_add_objects
>>
>> ctx.join_add_ntdsdsa()
>>
>> File "/usr/lib64/python2.7/site-packages/samba/join.py", line 575,
>> in join_add_ntdsdsa
>>
>> ctx.DsAddEntry([rec])
>>
>> File "/usr/lib64/python2.7/site-packages/samba/join.py", line 470,
>> in DsAddEntry
>>
>> ctx.drsuapi_connect()
>>
>> File "/usr/lib64/python2.7/site-packages/samba/join.py", line 448,
>> in drsuapi_connect
>>
>> ctx.drsuapi = drsuapi.drsuapi(binding_string, ctx.lp, ctx.creds)
>>
>>
>> The samba version is 4.8.3.
>>
>> The log is not like what is described in the samba wiki
>> https://wiki.samba.org/index.php/Joining_a_Samba_DC_to_an_Existing_Active_Directory.
>> Does any one know the reason and how to resolve it?
>>
>> Thanks.
>> Ryan
>
>It seems to be possibly credentials related, does your admin user have
>all the required permissions ?
>Also, does it work if you use Administrator ?
>
>What are you trying to join the new DC to ?
>
>Rowland
>
>--
>To unsubscribe from this list go to the following URL and read the
>instructions: https://lists.samba.org/mailman/options/samba
More information about the samba
mailing list