[Samba] Windows Client domain join fails
Ralf Spenneberg
ralf at spenneberg.net
Wed Nov 4 11:22:04 UTC 2020
Hi,
I have a samba 4.10 ad domain which has been running fine for quite some
time.
Now when I try to join windows 10 pro 1909 clients i am running in issues.
1. When I try to fully add the client to the samba ad on the client, the
join seems to run fine (I am welcomed in the new domain) but the event
log on the client immediately logs a line:
'Fehler beim Beitritt des Computers "AutoCAD06" zur Domäne "ad.xxx.de".
Fehlercode: "1332"'
In english: Error on joining the computer AutoCAD06 to domain ad.xxx.de.
Errorcode 1332.
2. If I add the computer account before trying to add the client this
message does not appear in the log.
But in both cases, after the reboot the client complains
"Die Sicherheitsdatenbank auf dem SErver enthält kein Computerkonto für
diese Arbeitsstationsvertrauensstellung."
In English: The security database on the server does not contain a
computer account for the workstation trust relationship.
The samba log is attached. I do not have a clue where to further search.
samba-tool computer show AUTOCAD06
shows the computer account.
ldbsearch -H /var/lib/samba/private/sam.ldb '(name=autocad06)'
as well.
The log looks to me as if the client is able to authenticate.
What could I turn on in the logs to further debug this?
Current setting log level = 3 auth:10 kerberos:10 sam:10
Any help is appreciated.
Kind regards,
Ralf
More information about the samba
mailing list