[Samba] Adding new DC causes samba.join.DCJoinException
William Edwards
william at tuxis.nl
Tue Jul 9 08:56:30 UTC 2019
Hi,
I have a primary DC that I provisioned with this command:
samba-tool domain provision --server-role=dc --use-rfc2307 --dns-backend=SAMBA_INTERNAL --realm={{ samba_default_realm }} --domain={{ samba_default_realm_domain }} --adminpass={{ samba_ldap_adminpw }}
I am now trying to provision a second DC in the same domain with the command:
samba-tool domain join {{ samba_default_realm | lower }} DC -U"{{ samba_default_realm_domain }}\Administrator" --password={{ samba_ldap_adminpw }}
Naturally, the variables ({{ }}) are replaced with actual values.
However, when I run the second command on the new DC, I get:
--
resolve_lmhosts: Attempting lmhosts lookup for name DC1.domain.tld<0x20>
ERROR(<class 'samba.join.DCJoinException'>): uncaught exception - Can't join, error: Not removing account DC2$ which looks like a Samba DC account matching the password we already have. To override, remove secrets.ldb and secrets.tdb
File "/usr/lib/python3/dist-packages/samba/netcmd/__init__.py", line 185, in _run
return self.run(*args, **kwargs)
File "/usr/lib/python3/dist-packages/samba/netcmd/domain.py", line 699, in run
backend_store=backend_store)
File "/usr/lib/python3/dist-packages/samba/join.py", line 1535, in join_DC
ctx.do_join()
File "/usr/lib/python3/dist-packages/samba/join.py", line 1424, in do_join
ctx.cleanup_old_join()
File "/usr/lib/python3/dist-packages/samba/join.py", line 283, in cleanup_old_join
ctx.cleanup_old_accounts(force=force)
File "/usr/lib/python3/dist-packages/samba/join.py", line 253, in cleanup_old_accounts
% ctx.samname)
--
I'm using Samba Version 4.10.5-Debian (from apt.van-belle.nl repo). I read something about this having to do with the internal DNS backend which I use that should've been fixed in Samba 4.7.
Any idea why I'm getting this error?
--
Groeten,
William Edwards
Tuxis Internet Engineering
More information about the samba
mailing list