[Samba] Unable to join DC to domain.
Rowland Penny
rpenny at samba.org
Wed Jun 30 19:32:10 UTC 2021
On Wed, 2021-06-30 at 20:42 +0200, Klaus Ade Johnstad via samba wrote:
> I'm looking at a new hosting provider for a new project, and one of
> the
> things we need setup, is a Samba ReadOnly DC at the hosting places,
> talking to our DC at the office over vpn. I've tried 4 different
> hostingproviders, and joining a Samba DC from 3 of these providers
> works
> flawlessly. I have a script that sets up everything, so the setup is
> identical everywhere. I use Debian 10 with the newest samba packages
> from Louis.
>
> At one place this just does not work. The weird thing is that klist
> works, ldapsearch works, I can even join as a normal member, just not
> as
> a RODC, or normal DC for that matter. There is no firewall stopping
> anything. I just wonder if anyone has seen something like this? Or
> if
> they have an idea what might be stopping this?
>
> This is that I get every time, but only at 1 of the 4 different
> hosting
> places I've tried:
> samba-tool domain join s.d-s.no RODC -U"AD\\Administrator"
> --dns-backend=SAMBA_INTERNAL --option='idmap_ldb:use rfc2307 = yes'
> --server=dc01.s.d-s.no --option="interfaces=lo tun9" --option="bind
> interfaces only=yes"
>
Try it like this:
samba-tool domain join s.d-s.no RODC -U Administrator --
password=ADMINISTRATOR_PASSWORD --option='idmap_ldb:use rfc2307 = yes'
--option="interfaces = lo tun9" --option="bind interfaces only = yes"
I take it that everything else is identical, /etc/resolv.conf for
instance.
Rowland
More information about the samba
mailing list