[Samba] Failed when join to an existing Active Directory Domain
Igor Sousa
igorvolt at gmail.com
Fri Oct 11 20:56:57 UTC 2019
Hi,
I've tried to update my samba AD/DC environment. Then, I've removed a
existing offline DC with "samba-tool domain demote
--remove-other-dead-server=genos". I've re-created "genos" (yes, I try to
keep the same name and IP address) and install a 4.10.2 samba version (I
know the new version is 4.11.0). When I've tried to join it on my domain,
I've received message "Join failed - cleaning up" and the error
ERROR(runtime): uncaught exception - (9714,
'WERR_DNS_ERROR_NAME_DOES_NOT_EXIST'). I've never seen this error before
and I don't know how to fix it.
OBS: I've verified on DNS Manager, Active Directory Sites and Services and
Active Directory Users and Computers if genos demonted was successful.
See below the output of join command.
[root at genos ~]# samba-tool domain join smb DC -U"SMB\administrator"
--dns-backend=BIND9_DLZ --option='idmap_ldb:use rfc2307 = yes'
INFO 2019-10-11 17:48:28,951 pid:29652
/usr/local/samba/lib64/python3.6/site-packages/samba/join.py #103: Finding
a writeable DC for domain 'smb'
INFO 2019-10-11 17:48:28,972 pid:29652
/usr/local/samba/lib64/python3.6/site-packages/samba/join.py #105: Found DC
samba4.smb
Password for [SMB\administrator]:
INFO 2019-10-11 17:48:35,306 pid:29652
/usr/local/samba/lib64/python3.6/site-packages/samba/join.py #1519:
workgroup is SMB
INFO 2019-10-11 17:48:35,307 pid:29652
/usr/local/samba/lib64/python3.6/site-packages/samba/join.py #1522: realm
is smb
Adding CN=GENOS,OU=Domain Controllers,DC=SMB
Adding
CN=GENOS,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=SMB
Adding CN=NTDS
Settings,CN=GENOS,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=SMB
Adding SPNs to CN=GENOS,OU=Domain Controllers,DC=SMB
Setting account password for GENOS$
Enabling account
Adding DNS account CN=dns-GENOS,CN=Users,DC=SMB with dns/ SPN
Setting account password for dns-GENOS
Calling bare provision
INFO 2019-10-11 17:48:37,247 pid:29652
/usr/local/samba/lib64/python3.6/site-packages/samba/provision/__init__.py
#2079: Looking up IPv4 addresses
INFO 2019-10-11 17:48:37,248 pid:29652
/usr/local/samba/lib64/python3.6/site-packages/samba/provision/__init__.py
#2096: Looking up IPv6 addresses
WARNING 2019-10-11 17:48:37,249 pid:29652
/usr/local/samba/lib64/python3.6/site-packages/samba/provision/__init__.py
#2103: No IPv6 address will be assigned
INFO 2019-10-11 17:48:38,134 pid:29652
/usr/local/samba/lib64/python3.6/site-packages/samba/provision/__init__.py
#2269: Setting up share.ldb
INFO 2019-10-11 17:48:38,164 pid:29652
/usr/local/samba/lib64/python3.6/site-packages/samba/provision/__init__.py
#2273: Setting up secrets.ldb
INFO 2019-10-11 17:48:38,194 pid:29652
/usr/local/samba/lib64/python3.6/site-packages/samba/provision/__init__.py
#2279: Setting up the registry
INFO 2019-10-11 17:48:38,287 pid:29652
/usr/local/samba/lib64/python3.6/site-packages/samba/provision/__init__.py
#2282: Setting up the privileges database
INFO 2019-10-11 17:48:38,333 pid:29652
/usr/local/samba/lib64/python3.6/site-packages/samba/provision/__init__.py
#2285: Setting up idmap db
INFO 2019-10-11 17:48:38,362 pid:29652
/usr/local/samba/lib64/python3.6/site-packages/samba/provision/__init__.py
#2292: Setting up SAM db
INFO 2019-10-11 17:48:38,369 pid:29652
/usr/local/samba/lib64/python3.6/site-packages/samba/provision/__init__.py
#882: Setting up sam.ldb partitions and settings
INFO 2019-10-11 17:48:38,370 pid:29652
/usr/local/samba/lib64/python3.6/site-packages/samba/provision/__init__.py
#894: Setting up sam.ldb rootDSE
INFO 2019-10-11 17:48:38,375 pid:29652
/usr/local/samba/lib64/python3.6/site-packages/samba/provision/__init__.py
#1297: Pre-loading the Samba 4 and AD schema
Unable to determine the DomainSID, can not enforce uniqueness constraint on
local domainSIDs
INFO 2019-10-11 17:48:38,415 pid:29652
/usr/local/samba/lib64/python3.6/site-packages/samba/provision/__init__.py
#2342: A Kerberos configuration suitable for Samba AD has been generated at
/usr/local/samba/private/krb5.conf
INFO 2019-10-11 17:48:38,416 pid:29652
/usr/local/samba/lib64/python3.6/site-packages/samba/provision/__init__.py
#2343: Merge the contents of this file with your system krb5.conf or
replace it with this one. Do not create a symlink!
Provision OK for domain DN DC=SMB
Starting replication
Schema-DN[CN=Schema,CN=Configuration,DC=SMB] objects[402/1550]
linked_values[0/0]
Schema-DN[CN=Schema,CN=Configuration,DC=SMB] objects[804/1550]
linked_values[0/0]
Schema-DN[CN=Schema,CN=Configuration,DC=SMB] objects[1206/1550]
linked_values[0/0]
Schema-DN[CN=Schema,CN=Configuration,DC=SMB] objects[1550/1550]
linked_values[0/0]
Analyze and apply schema objects
Partition[CN=Configuration,DC=SMB] objects[402/1643] linked_values[0/0]
Partition[CN=Configuration,DC=SMB] objects[804/1643] linked_values[0/0]
Partition[CN=Configuration,DC=SMB] objects[1206/1643] linked_values[0/0]
Partition[CN=Configuration,DC=SMB] objects[1608/1643] linked_values[0/0]
Partition[CN=Configuration,DC=SMB] objects[1643/1643] linked_values[56/0]
Failed to commit objects: DOS code 0x000021bf
Missing target object - retrying with DRS_GET_TGT
Partition[CN=Configuration,DC=SMB] objects[2045/1643] linked_values[56/0]
Partition[CN=Configuration,DC=SMB] objects[2447/1643] linked_values[56/0]
Partition[CN=Configuration,DC=SMB] objects[2849/1643] linked_values[56/0]
Partition[CN=Configuration,DC=SMB] objects[3251/1643] linked_values[56/0]
Partition[CN=Configuration,DC=SMB] objects[3286/1643] linked_values[112/0]
Replicating critical objects from the base DN of the domain
Partition[DC=SMB] objects[99/99] linked_values[42/0]
Partition[DC=SMB] objects[402/564] linked_values[0/0]
../../lib/ldb/ldb_key_value/ldb_kv_index.c:2413: duplicate attribute value
in CN=SAULO-THINK,CN=Computers,DC=SMB for index on servicePrincipalName,
duplicate of objectGUID 449c0f09-c392-498b-9ad1-fce0c288d610 in
@INDEX:SERVICEPRINCIPALNAME:TERMSRV/SAULO-THINK.SMB
Partition[DC=SMB] objects[564/564] linked_values[155/0]
Done with always replicated NC (base, config, schema)
Replicating DC=DomainDnsZones,DC=SMB
Partition[DC=DomainDnsZones,DC=SMB] objects[402/858] linked_values[0/0]
Partition[DC=DomainDnsZones,DC=SMB] objects[804/858] linked_values[0/0]
Partition[DC=DomainDnsZones,DC=SMB] objects[858/858] linked_values[0/0]
Replicating DC=ForestDnsZones,DC=SMB
Partition[DC=ForestDnsZones,DC=SMB] objects[76/76] linked_values[0/0]
Exop on[CN=RID Manager$,CN=System,DC=SMB] objects[3] linked_values[0]
Committing SAM database
INFO 2019-10-11 17:49:04,633 pid:29652
/usr/local/samba/lib64/python3.6/site-packages/samba/join.py #1097: Adding
1 remote DNS records for GENOS.smb
INFO 2019-10-11 17:49:04,753 pid:29652
/usr/local/samba/lib64/python3.6/site-packages/samba/join.py #1160: Adding
DNS A record GENOS.smb for IPv4 IP: 10.41.17.130
Join failed - cleaning up
Deleted CN=RID Set,CN=GENOS,OU=Domain Controllers,DC=SMB
Deleted CN=GENOS,OU=Domain Controllers,DC=SMB
Deleted CN=dns-GENOS,CN=Users,DC=SMB
Deleted CN=NTDS
Settings,CN=GENOS,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=SMB
Deleted
CN=GENOS,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=SMB
ERROR(runtime): uncaught exception - (9714,
'WERR_DNS_ERROR_NAME_DOES_NOT_EXIST')
File
"/usr/local/samba/lib64/python3.6/site-packages/samba/netcmd/__init__.py",
line 185, in _run
return self.run(*args, **kwargs)
File
"/usr/local/samba/lib64/python3.6/site-packages/samba/netcmd/domain.py",
line 699, in run
backend_store=backend_store)
File "/usr/local/samba/lib64/python3.6/site-packages/samba/join.py", line
1535, in join_DC
ctx.do_join()
File "/usr/local/samba/lib64/python3.6/site-packages/samba/join.py", line
1436, in do_join
ctx.join_add_dns_records()
File "/usr/local/samba/lib64/python3.6/site-packages/samba/join.py", line
1178, in join_add_dns_records
dns_partition=domaindns_zone_dn)
File "/usr/local/samba/lib64/python3.6/site-packages/samba/samdb.py",
line 1069, in dns_lookup
dns_partition=dns_partition)
--
Igor Sousa
More information about the samba
mailing list