[Samba] Failing to join existing AD as DC
Andrew Bartlett
abartlet at samba.org
Fri Aug 16 10:10:49 UTC 2019
On Fri, 2019-08-16 at 11:18 +0200, L.P.H. van Belle via samba wrote:
> Good point Roy,
>
> So we can add the question.
> > I tried joining the same AD before and succeeded,
>
> Your other DC, is that in the same subnet?
>
> And is the windows firewall allowing the other subnet?
> telnet the DNS port from the samba server to the windows server.
>
I'm quite confused, why are you folks chasing down routing issues for
an operations error on a valid LDAP connection?
This seems a very odd and increasingly tortured set of diagnostics.
Alexander,
I think the invalid credentials bit is a red herring, during the
cleanup, the main backtrace shown looks like it doesn't like one of the
objects being modified over LDAP.
Examination of the source code shows that the only way a modify occurs
is if we are in 'promote_existing' mode, so perhaps ensure any accounts
of the same name are first deleted, or choose an unused name for the
DC.
I hope this helps,
Andrew Bartlett
--
Andrew Bartlett https://samba.org/~abartlet/
Authentication Developer, Samba Team https://samba.org
Samba Developer, Catalyst IT
https://catalyst.net.nz/services/samba
More information about the samba
mailing list