[Samba] FW: samba_kcc issue after joining the domain as a DC

Tue Feb 11 16:55:34 UTC 2020

>> After some debugging, I was able to find the source of this error:
>> ERROR(runtime): uncaught exception - (9003, 'WERR_DNS_ERROR_RCODE_NAME_ERROR')
>>
>> It's  thrown  during the join b/c Samba is trying to find the DNS record for the
>> new   DC   (the  Samba)  inside  DC=DomainDnsZones,DC=domain,DC=com  instead  of
>> DC=ForestDnsZones,DC=domain,DC=com.
>>
>> Do you have any ideas why and how to deal with that?

> As for the why, it is because that is where it should be:

> dn: 
> DC=DC4,DC=samdom.example.com,CN=MicrosoftDNS,DC=DomainDnsZones,DC=samdom,DC=example,DC=com
> objectClass: top
> objectClass: dnsNode

> What does 'samba-tool dns zonelist IP_OF_WINDOWS_DC' show ?

# samba-tool dns zonelist 172.26.1.81
Password for [administrator at domain.com]:
  2 zone(s) found

  pszZoneName                 : _msdcs.domain.com
  Flags                       : DNS_RPC_ZONE_DSINTEGRATED DNS_RPC_ZONE_UPDATE_SECURE
  ZoneType                    : DNS_ZONE_TYPE_PRIMARY
  Version                     : 50
  dwDpFlags                   : DNS_DP_AUTOCREATED DNS_DP_FOREST_DEFAULT DNS_DP_ENLISTED
  pszDpFqdn                   : ForestDnsZones.domain.com

  pszZoneName                 : domain.com
  Flags                       : DNS_RPC_ZONE_DSINTEGRATED DNS_RPC_ZONE_UPDATE_SECURE
  ZoneType                    : DNS_ZONE_TYPE_PRIMARY
  Version                     : 50
  dwDpFlags                   : DNS_DP_AUTOCREATED DNS_DP_FOREST_DEFAULT DNS_DP_ENLISTED
  pszDpFqdn                   : ForestDnsZones.domain.com

-- 
Best regards,
Alex Alex