[Samba] problem joining Samba DC to existing domain

Michal Sládek michal at sladkovi.eu
Sat Jul 13 12:53:47 UTC 2019 

I always thought that it would be possible to join Windows Server 2016 if
the domain level remains 2008 R2. Thanks for clarification.

Michal



Dne so 13. 7. 2019 14:30 uživatel Rowland penny via samba <
samba at lists.samba.org> napsal:

> On 13/07/2019 13:03, Michal Sládek via samba wrote:
> > Hello!
> >
> > I am not able to joing new Samba DC to existing domain:
> >
> > Linux side:
> > OS: Centos 7
> > Samba version: 4.9.8 (Tranquil repo)
> > Hostname: adserver9
> >
> > Windows side:
> > OS: Windows Server 2016
> > Domain/forrest level: Windows Server 2008 R2
> > Hostname: adserver8
> > Domain: spcr.local
> >
> > I am following this guide:
> >
> https://wiki.samba.org/index.php/Joining_a_Samba_DC_to_an_Existing_Active_Directory
>
> You cannot directly add a Samba DC directly to a Windows 2012 Domain,
> never mind a 2016 DC, see here:
>
>
> https://wiki.samba.org/index.php/Joining_a_Windows_Server_2012_/_2012_R2_DC_to_a_Samba_AD
>
> Read the introduction and the warning.
>
> Samba 4.11.0 will have support for schema version 69 (Windows Server
> 2012R2), but the function level will still not be available.
>
> Rowland
>
>
> >
> > I am getting this error:
> > [root at adserver9 /]# samba-tool domain join spcr.local DC
> > -U"SPCR\Administrator" --verbose
> > Finding a writeable DC for domain 'spcr.local'
> > Found DC adserver8.spcr.local
> > Password for [SPCR\Administrator]:
> > workgroup is SPCR
> > realm is spcr.local
> > Adding CN=ADSERVER9,OU=Domain Controllers,DC=spcr,DC=local
> > Adding
> >
> CN=ADSERVER9,CN=Servers,CN=Vychozi-nazev-prvni-site,CN=Sites,CN=Configuration,DC=spcr,DC=local
> > Adding CN=NTDS
> >
> Settings,CN=ADSERVER9,CN=Servers,CN=Vychozi-nazev-prvni-site,CN=Sites,CN=Configuration,DC=spcr,DC=local
> > Join failed - cleaning up
> > Deleted CN=ADSERVER9,OU=Domain Controllers,DC=spcr,DC=local
> > Deleted CN=NTDS
> >
> Settings,CN=ADSERVER9,CN=Servers,CN=Vychozi-nazev-prvni-site,CN=Sites,CN=Configuration,DC=spcr,DC=local
> > Deleted
> >
> CN=ADSERVER9,CN=Servers,CN=Vychozi-nazev-prvni-site,CN=Sites,CN=Configuration,DC=spcr,DC=local
> > ERROR(ldb): uncaught exception - LDAP error 1 LDAP_OPERATIONS_ERROR -
> >   <000021A2: SvcErr: DSID-030A089E, problem 5012 (DIR_ERROR), data 8610
> >> <>
> >    File "/usr/lib64/python2.7/site-packages/samba/netcmd/__init__.py",
> line
> > 178, in _run
> >      return self.run(*args, **kwargs)
> >    File "/usr/lib64/python2.7/site-packages/samba/netcmd/domain.py", line
> > 716, in run
> >      backend_store=backend_store)
> >    File "/usr/lib64/python2.7/site-packages/samba/join.py", line 1501, in
> > join_DC
> >      ctx.do_join()
> >    File "/usr/lib64/python2.7/site-packages/samba/join.py", line 1397, in
> > do_join
> >      ctx.join_add_objects()
> >    File "/usr/lib64/python2.7/site-packages/samba/join.py", line 683, in
> > join_add_objects
> >      ctx.samdb.modify(m)
> >
> > I would be grateful if somebody could point me to a right direction...
> >
> > Best regards
> >
> > Michal
>
>
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba
>

More information about the samba mailing list