[Samba] Join DC has failed with error: NT_STATUS_PASSWORD_RESTRICTION
Rowland penny
rpenny at samba.org
Mon Sep 23 08:24:11 UTC 2019
On 23/09/2019 09:02, tomek82 wrote:
>
> W dniu 2019-09-22 20:24:36 użytkownik Rowland penny via samba <samba at lists.samba.org> napisał:
>> On 22/09/2019 19:05, tomek82 via samba wrote:
>> > Hi,
>> >
>> > I've joined samba DC to existing windows domain using:
>> You say 'existing windows domain', but what is the Windows domain ?
>> >
>> > samba-tool domain join ***.** DC -U"***\admin" --dns-backend=BIND9_DLZ
>> >
>> > It has stopped on
>> >
>> > Adding DNS account CN=dns-DC...
>> >
>> > with the below error.
>> >
>> > ERROR(runtime): uncaught exception - (-1073741716, 'SetUserInfo2 level 26 for [dns-DC] failed: NT_STATUS_PASSWORD_RESTRICTION')
>>
>> This would seem to mean the password isn't complex enough, but the
>> password should be random, so is the Windows domain set to have
>> extremely complex passwords ?
>>
>> What version of Samba are you running ?
>>
>> And on what OS ?
>>
>> Rowland
>>
>>
>>
>>
>> --
>> To unsubscribe from this list go to the following URL and read the
>> instructions: <a target="_blank" href="https://lists.samba.org/mailman/options/samba">https://lists.samba.org/mailman/options/samba</a>
>
> It is Ubuntu 18.04.3 LTS
> smbd -V: 4.7.6-Ubuntu
>
> domain on Windows server 2016
>
> is it possible to manually configure this password?
>
> Thanks,
> Tom
No and it is all a bit academic, you cannot join Samba as a DC to a
Windows 2016 (yet). You 'might' be able to join if you run the Windows
DC in 2012 function level, but even if do get the join to work, I
wouldn't use it in production, there is still so much work to do on Samba.
Rowland
More information about the samba
mailing list