[Samba] adding windows DC to samba AD
Rowland penny
rpenny at samba.org
Tue May 11 09:45:33 UTC 2021
On 11/05/2021 10:25, mj via samba wrote:
> Hi,
>
> This morning, I simply tried adding the 2008R2 DC again, and the DC
> was added successfully. Domain logons work, etc. Not sure why it
> didn't work yesterday. I also transferred fsmo roles to the 2008R2 DC.
>
> Next step was trying to add a win2012R2 DC following
>> https://wiki.samba.org/index.php/Joining_a_Windows_Server_2012_/_2012_R2_DC_to_a_Samba_AD
>>
> but it fails with:
>
> The attempt to join this computer to the "samba.company.com" domain
> failed. "This operation is only allowed for the Primary Domain
> Controller of the domain."
>
> I did not know that there are primary (and thus also secondary?) DCs
> in AD.
There aren't, I think it is referring to the PDC_Emulator FSMO role,
perhaps it is trying to join using the wrong DC ?
>
> Thing is: I would prefer not to include a (EOLed) win2008R2 DC in our
> samba domain.
>
> Hence the question: Is it possible at all to add a current (not
> EOL-ed) version of windows as a DC in a samba AD on level 2008_R2 ?
>
> Also asking because of the warning on the samba wiki.
>> ("Joining a Windows Server 2012 or 2012 R2 DC to a Samba AD breaks
>> the AD replication! Do not use this documentation until the problem
>> is fixed!
>> For more details, see Bug #13618 and Bug #13619.")
Try reading this:
https://dev.tranquil.it/samba/en/samba_advanced_methods/samba_add_windows_active_directory.html
Perhaps it will help.
Rowland
More information about the samba
mailing list