[Samba] Joining Samba to Upgraded 2003 domain failing
Rowland penny
rpenny at samba.org
Fri Nov 13 20:11:20 UTC 2020
On 13/11/2020 19:45, Travis Wenks via samba wrote:
> join attempted via
> sudo samba-tool domain join net.example.com DC
> -U'NET.EXAMPLE.COM\administrator'
> --option='idmap_ldb:use rfc2307 = yes
The '-U NET.EXAMPLE.COM\administrator' should be either '-U
NET\administrator' or just '-U administrator'
>
> failure lines
>
> gensec_gssapi: NO credentials were delegated
> GSSAPI Connection will be cryptographically signed
> INFO 2020-11-13 09:00:44,891 pid:12210
> /usr/local/samba/lib/python3.8/site-packages/samba/join.py #1178: Adding
> DNS A record TLA-DC06.NET.EXAMPLE.COM for IPv4 IP: 10.74.20.69
> Join failed - cleaning up
The error was adding a DNS record, the rest of the output up to the
python error message is just an artefact
> ERROR(runtime): uncaught exception - (9714,
> 'WERR_DNS_ERROR_NAME_DOES_NOT_EXIST')
> File
> "/usr/local/samba/lib/python3.8/site-packages/samba/netcmd/__init__.py",
> line 186, in _run
> return self.run(*args, **kwargs)
> File "/usr/local/samba/lib/python3.8/site-packages/samba/netcmd/domain.py",
> line 661, in run
> join_DC(logger=logger, server=server, creds=creds, lp=lp, domain=domain,
> File "/usr/local/samba/lib/python3.8/site-packages/samba/join.py", line
> 1558, in join_DC
> ctx.do_join()
> File "/usr/local/samba/lib/python3.8/site-packages/samba/join.py", line
> 1455, in do_join
> ctx.join_add_dns_records()
> File "/usr/local/samba/lib/python3.8/site-packages/samba/join.py", line
> 1196, in join_add_dns_records
> = ctx.samdb.dns_lookup("%s.%s" % (name, zone),
> File "/usr/local/samba/lib/python3.8/site-packages/samba/samdb.py", line
> 1245, in dns_lookup
> return dsdb_dns.lookup(self, dns_name,
>
>
> This happens when trying to join a DC from packages or sources to a
> existing domain that started as a 2003 server, was upgraded to 2008r2 them
> migrated to samba.
OK, you say it was a 2003 server upgraded to 2008R2, but was the DNS
upgraded as well, see here:
https://support.microsoft.com/en-gb/help/817470/how-to-reconfigure-an-msdcs-subdomain-to-a-forest-wide-dns-application
Windows seems to work with the old DNS, Samba doesn't, so this could be
your problem.
Rowland
More information about the samba
mailing list