[Samba] Error joining Samba 4.7.4 DC to existing Win2008R2 domain
Claudio Nicora
claudio.nicora at gmail.com
Mon Mar 5 13:23:09 UTC 2018
Il 05/03/2018 09:55, denis.shigapov via samba ha scritto:
> Hi, run please to Windows DC command
> dcdiag
Already did it, both plain dcdiag and dcdiag /test:DNS.
Nothing interesting in the output except for a warning at the end of
/test:dns execution (Warning: Failed to delete the test record
dcdiag-test-record in zone SAMDOM.LOCAL):
=================
PS C:\Users\Administrator.SAMDOM> dcdiag
Directory Server Diagnosis
Performing initial setup:
Trying to find home server...
Home Server = SRVAD-OLD
* Identified AD Forest.
Done gathering initial info.
Doing initial required tests
Testing server: Default-First-Site-Name\SRVAD-OLD
Starting test: Connectivity
......................... SRVAD-OLD passed test Connectivity
Doing primary tests
Testing server: Default-First-Site-Name\SRVAD-OLD
Starting test: Advertising
......................... SRVAD-OLD passed test Advertising
Starting test: FrsEvent
......................... SRVAD-OLD passed test FrsEvent
Starting test: DFSREvent
......................... SRVAD-OLD passed test DFSREvent
Starting test: SysVolCheck
......................... SRVAD-OLD passed test SysVolCheck
Starting test: KccEvent
......................... SRVAD-OLD passed test KccEvent
Starting test: KnowsOfRoleHolders
......................... SRVAD-OLD passed test KnowsOfRoleHolders
Starting test: MachineAccount
......................... SRVAD-OLD passed test MachineAccount
Starting test: NCSecDesc
......................... SRVAD-OLD passed test NCSecDesc
Starting test: NetLogons
......................... SRVAD-OLD passed test NetLogons
Starting test: ObjectsReplicated
......................... SRVAD-OLD passed test ObjectsReplicated
Starting test: Replications
......................... SRVAD-OLD passed test Replications
Starting test: RidManager
......................... SRVAD-OLD passed test RidManager
Starting test: Services
......................... SRVAD-OLD passed test Services
Starting test: SystemLog
......................... SRVAD-OLD passed test SystemLog
Starting test: VerifyReferences
......................... SRVAD-OLD passed test VerifyReferences
Running partition tests on : ForestDnsZones
Starting test: CheckSDRefDom
......................... ForestDnsZones passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... ForestDnsZones passed test
CrossRefValidation
Running partition tests on : DomainDnsZones
Starting test: CheckSDRefDom
......................... DomainDnsZones passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... DomainDnsZones passed test
CrossRefValidation
Running partition tests on : Schema
Starting test: CheckSDRefDom
......................... Schema passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... Schema passed test CrossRefValidation
Running partition tests on : Configuration
Starting test: CheckSDRefDom
......................... Configuration passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... Configuration passed test
CrossRefValidation
Running partition tests on : SAMDOM
Starting test: CheckSDRefDom
......................... SAMDOM passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... SAMDOM passed test CrossRefValidation
Running enterprise tests on : SAMDOM.LOCAL
Starting test: LocatorCheck
......................... SAMDOM.LOCAL passed test LocatorCheck
Starting test: Intersite
......................... SAMDOM.LOCAL passed test Intersite
PS C:\Users\Administrator.SAMDOM> dcdiag /test:DNS
Directory Server Diagnosis
Performing initial setup:
Trying to find home server...
Home Server = SRVAD-OLD
* Identified AD Forest.
Done gathering initial info.
Doing initial required tests
Testing server: Default-First-Site-Name\SRVAD-OLD
Starting test: Connectivity
......................... SRVAD-OLD passed test Connectivity
Doing primary tests
Testing server: Default-First-Site-Name\SRVAD-OLD
Starting test: DNS
DNS Tests are running and not hung. Please wait a few minutes...
......................... SRVAD-OLD passed test DNS
Running partition tests on : ForestDnsZones
Running partition tests on : DomainDnsZones
Running partition tests on : Schema
Running partition tests on : Configuration
Running partition tests on : SAMDOM
Running enterprise tests on : SAMDOM.LOCAL
Starting test: DNS
Test results for domain controllers:
DC: SRVAD-OLD.samdom.local
Domain: SAMDOM.LOCAL
TEST: Dynamic update (Dyn)
Warning: Failed to delete the test record
dcdiag-test-record in zone SAMDOM.LOCAL
SRVAD-OLD PASS PASS PASS PASS WARN
PASS n/a
......................... SAMDOM.LOCAL passed test DNS
=================
PS C:\Users\Administrator.SAMDOM> dcdiag /test:DNS
Directory Server Diagnosis
Performing initial setup:
Trying to find home server...
Home Server = SRVAD-OLD
* Identified AD Forest.
Done gathering initial info.
Doing initial required tests
Testing server: Default-First-Site-Name\SRVAD-OLD
Starting test: Connectivity
......................... SRVAD-OLD passed test Connectivity
Doing primary tests
Testing server: Default-First-Site-Name\SRVAD-OLD
Starting test: DNS
DNS Tests are running and not hung. Please wait a few minutes...
......................... SRVAD-OLD passed test DNS
Running partition tests on : ForestDnsZones
Running partition tests on : DomainDnsZones
Running partition tests on : Schema
Running partition tests on : Configuration
Running partition tests on : SAMDOM
Running enterprise tests on : SAMDOM.LOCAL
Starting test: DNS
Test results for domain controllers:
DC: SRVAD-OLD.samdom.local
Domain: SAMDOM.LOCAL
TEST: Dynamic update (Dyn)
Warning: Failed to delete the test record
dcdiag-test-record in zone SAMDOM.LOCAL
SRVAD-OLD PASS PASS PASS PASS WARN
PASS n/a
......................... SAMDOM.LOCAL passed test DNS
=================
> Not really sure where to go from here, I don't have a windows 2008 DC to
> join to, is there anything in the windows event log ?
Did you run your tests on a newer (2012/2016) or older (2003) Windows
Server version?
Since I'm upgrading from 2000 and using a temporary Windows server in
between 2000 --> Samba, it's indifferent to me what trial Windows Server
version to use.
Event viewer "Directory services" log contains this record, created just
after the failed join attempt (and a new record is created at each
attempt, so I'm sure it's related to them):
=======
The attempt to establish a replication link for the following writable
directory partition failed.
Directory partition:
DC=ForestDnsZones,DC=SAMDOM,DC=LOCAL
Source directory service:
CN=NTDS
Settings,CN=SRVAD-NEW,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=SAMDOM,DC=LOCAL
Source directory service address:
74d3c251-b6dd-4018-b6a3-4cbc02bcb383._msdcs.SAMDOM.LOCAL
Intersite transport (if any):
This directory service will be unable to replicate with the source
directory service until this problem is corrected.
User Action
Verify if the source directory service is accessible or network
connectivity is available.
Additional Data
Error value:
1722 The RPC server is unavailable.
======
The reported missing
"74d3c251-b6dd-4018-b6a3-4cbc02bcb383._msdcs.SAMDOM.LOCAL" value is the
same that fails in samba-tool join log.
It seems to me that it's trying to update the DNS on the samba machine,
which is not yet available because its config files are generated at the
end of "samba-tool join" run.
>> That's why I didn't use it, I just turned off systemd-resolved and went
>> back to basics i.e. what I know and like.
>>
>> Rowland
Same here ;)
Claudio
More information about the samba
mailing list