[Samba] Can't find machine account
Robert A Wooldridge
bob.wooldridge at edm-inc.com
Thu Jul 18 15:06:01 UTC 2019
On 07/17/2019 02:12 PM, Rowland penny via samba wrote:
> On 17/07/2019 19:31, Robert A Wooldridge via samba wrote:
>> Active Directory domain, the only DC is a Server 2003 machine.
> Is the function level set to its highest level ?
Apparently not. It is set to Windows 2000 level. It could be set to
Server2003 level but it thinks that one of my file servers is a domain
controller and it can't change it's level. That's strange because this
file server is not a DC.
>>>
>>> /etc/resolv.conf
>> nameserver 10.10.1.14
>> nameserver 10.10.1.1
>> search edm-inc.com
> I take it '10.10.1.14' is the 2003 DC
Yes
>>
>>>
>>> /etc/krb5.conf
>> [libdefaults]
>> dns_lookup_realm = false
>> dns_lookup_kdc = true
>> default_realm = EDM-INC.COM
> Try /etc/krb5.conf like the above
Have tried both.
>>
>>
>> Here's the full error:
>>
>> Could not find machine account in secrets database: Failed to fetch
>> machine account password for EDM from both secrets.ldb (Could not
>> find entry to match filter:
>> '(&(flatname=EDM)(objectclass=primaryDomain))' base: 'cn=Primary
>> Domains': No such object: dsdb_search at
>> ../source4/dsdb/common/util.c:4705) and from
>> /var/lib/samba/private/secrets.tdb: NT_STATUS_CANT_ACCESS_DOMAIN_INFO
>
> Problem is (so I have been told) neither secrets.tdb or secrets.ldb
> will have been created at this point, so this could be a red herring.
>
> Does the windows DC run a dns server
Yes
>
> What actual command are you running ?
samba-tool domain join EDM-INC.COM DC -U"EDM\administrator" --verbose -d3
>
--
Bob Wooldridge
EDM Incorporated
More information about the samba
mailing list