[Samba] Joining new AD controller to *old* Samba AD controller

Rowland penny rpenny at samba.org
Sun Apr 25 07:36:00 UTC 2021

On 25/04/2021 01:33, Peter Smode via samba wrote:
> I am adding another Samba AD controller to my home network, building the new
> controller (finch) from v4.14.2 source on CentOS 8. The existing (and, up
> till now, only) AD controller(turtle) is running on CentOS 7 based on
> v4.8.9. At the time, I thought that using the RPMs from what seemed to be a
> reliable source would be a good idea. Unfortunately, they changed direction,
> stopped updating the RPMs and my AD controller ended up getting trapped in
> time. I'll not be repeating that mistake.

The problem is/was a gnutls problem, compounded with Centos 8 turning 
into Centos stream. Many Centos users appear to be turning away from it 
and using other distro's instead, so there isn't the impetus to create 
Samba packages for Centos 8. As far as I understand it, Centos 7 will 
outlive Centos 8.

> First step is to get the new AD controller joined in and to be 100% certain
> I got it right. I need some help here to see if I have got this much right.
> I did the join and the log *mostly* looks OK, and I can see with samba-tool
> drs showrepl that replication is successful on both controllers. The only
> thing giving me concern in the join right now is the error messages in the
> middle of the output from the join operation:
> Failed to commit objects: DOS code 0x000021bf
> Missing target object - retrying with DRS_GET_TGT

Fairly common, for whatever reason, it couldn't 'commit' some objects, 
so it tried another way. If this had failed, it would have failed hard. 
If everything is working as expected, then I wouldn't worry.


More information about the samba mailing list