[Samba] FW: samba_kcc issue after joining the domain as a DC
Rowland penny
rpenny at samba.org
Mon Feb 10 16:23:47 UTC 2020
On 10/02/2020 16:01, L.P.H. van Belle via samba wrote:
> Hai,
>
> Ok. I did more digging, this is a link Dennis showed which might help..
> https://www.itprotoday.com/windows-78/q-how-can-i-create-domaindnszones-directory-partition
>
>
> Now, if i go throught the mailing list and lookup everything abotu this part.
>
>> Could not find machine account in secrets database: Failed to fetch
>> machine account password for DOM from both secrets.ldb (Could not find
>> entry to match filter: '(&(flatname=DOM)(objectclass=primaryDomain))'
>> base: 'cn=Primary Domains': No such object: dsdb_search at
>> ../source4/dsdb/common/util.c:4705) and from
>> /var/lib/samba/private/secrets.tdb: NT_STATUS_CANT_ACCESS_DOMAIN_INFO
> I cant see/find a clear solution.
> All problem domains where 2000/2003 related..
>
> @Rowland or @Dennis, you guys any other options here?
> Im out of options for Alex.
There have been quite a few posts lately where the problem has come from
trying to join a Samba AD DC to a Windows domain that started out as Win
2k or 2003 and has never had the DNS upgraded.
Perhaps we need to place something on the wiki to advise that the DNS
must be 2008R2 function level and the best place to do this is on the
Windows DC before attempting joining the Samba DC.
The other option is to remove 'DC=DomainDnsZones,DC=domain,DC=com' and
'DC=ForestDnsZones,DC=domain,DC=com' after the join and then run
'samba_upgradedns', would this work ?
Rowland
More information about the samba
mailing list