[Samba] Samba 4.11.6 cannot JOIN - 'Could not find machine account'
Rowland penny
rpenny at samba.org
Sat Feb 8 20:43:15 UTC 2020
On 08/02/2020 20:25, Rick Hollinbeck via samba wrote:
> Thanks for the help with this, Rowland.
>
>> Where these 2008 DCs upgraded from an earlier version ? (2000, 2003)
> Yes, the two Windows servers were migrated over the years to Server 2008 (one is 2008
> R2).
> I've now moved the _msdcs folder and made it a zone in the forest, restarted NETLOGON,
> and set the functionality of the forest to Server 2008, then rebooted both windows servers.
> This seems to be working fine, on the windows servers and with other Windows client PC's.
Have you read this:
https://support.microsoft.com/en-gb/help/817470/how-to-reconfigure-an-msdcs-subdomain-to-a-forest-wide-dns-application
Is this what you have done ?
>
> BTW, this same Samba join error was happening before I did all that, though, and it didn't
> seem to help to raise functionality.
>
> But it does seem like some permission on the Windows side might be missing for the new
> Samba DC to join the domain.
> I would think that the administrator paswd provided to samba-tool would be enough, though.
>
> This issue is similar:
> https://bugzilla.samba.org/show_bug.cgi?id=13298
>
> Here is how I am attempting the join (my bash script):
> -----
> echo "Stopping Samba services..."
> service samba stop >/dev/null || true
> service samba-ad-dc stop >/dev/null || true
> service smbd stop >/dev/null || true
> service nmbd stop >/dev/null || true
>
> echo "Deleting Samba configuration file..."
> rm -f /etc/samba/smb.conf
> echo "Deleting Kerberos configuration file..."
> rm -f /etc/krb5.conf
>
> echo "Clean up *.tdb and *.ldb files (samba DBs)..."
> DIRS=$(smbd -b | egrep "LOCKDIR|STATEDIR|CACHEDIR|PRIVATE_DIR" | cut -d: -f2)
> for dir in $DIRS; do
> echo " Clearing $dir ..."
> find $dir \( -name "*.tdb" -or -name "*.ldb" \) -delete || true
> done
>
> rm -f Sambajoin.log
> samba-tool domain join OFFICE.EXAMPLE.COM DC --server=SERVI.OFFICE.EXAMPLE.COM -U"OFFICE\\administrator" --password=TheActualPassword --dns-backend=BIND9_DLZ -d3 >Sambajoin.log 2>&1
Can you send me a copy of Sambajoin.log ?
Rowland
More information about the samba
mailing list