[Samba] can windows server 2012 R2 join samba ad directly

Adam Xu adam_xu at adagene.com.cn
Wed Mar 23 09:03:40 UTC 2022 

In windows DC, when I ran "repadmin /showrepl", No error occured.

Some possible related samba dc errors:

[2022/03/20 11:25:13.940775,  0] 
../../source4/dsdb/repl/replicated_objects.c:735(dsdb_replicated_objects_convert)
   dsdb_replicated_objects_convert: Ignoring object outside partition 
f846aa31-2ee0-4596-8ee2-44be210bfacd 
DC=ForestDnsZones,DC=ntbaobei,DC=com: WERR_DS_ADD_REPLICA_INHIBITED
[2022/03/20 11:25:13.941671,  0] 
../../source4/dsdb/repl/replicated_objects.c:735(dsdb_replicated_objects_convert)
   dsdb_replicated_objects_convert: Ignoring object outside partition 
53c67ead-f463-4fe0-b1f0-54259edd1598 
DC=DomainDnsZones,DC=ntbaobei,DC=com: WERR_DS_ADD_REPLICA_INHIBITED

在 2022/3/22 16:32, Andrew Bartlett via samba 写道:
> I would need to see the logs on the Samba side.  Do other changes
> replicate?
>
> It may just be normal replication issues, check DNS in particular.
>
> Andrew Bartlett
>
> On Tue, 2022-03-22 at 16:25 +0800, Adam Xu via samba wrote:
>> Hi Andrew,
>>
>> I have joined my windows AD to samba AD successfully. But,
>>
>> when I change one user's password in windoiws AD. the password was not
>> synced to other samba AD DCs.
>>
>> Is this a compatibility issue?
>>
>> 在 2022/3/19 12:57, Andrew Bartlett via samba 写道:
>>> On Sat, 2022-03-19 at 09:24 +0800, Adam Xu via samba wrote:
>>>> Hi samba list,
>>>>
>>>> accroding to samba wiki,
>>>> https://wiki.samba.org/index.php/Joining_a_Windows_Server_2012_/_2012_R2_DC_to_a_Samba_AD
>>>>
>>>> Windows server 2012 R2 can't join to samba AD directly. I need to join a
>>>> windows server 2018 R2 to samba AD first and then join windows server
>>>> 2012 R2 to samba AD.
>>>>
>>>> but a searched for a document.
>>>> https://samba.tranquil.it/doc/en/samba_advanced_methods/samba_add_windows_active_directory.html
>>>>
>>>> In that document, we can join windows server 2012 R2 to samba directly.
>>>>
>>>> Which document is more reliable? My samba version is 4.15.6.
>>> Why not try it?
>>>
>>> If it works, update the wiki.
>>>
>>> It's the weekend, so this is just from memory, but while we did a pile
>>> of work on our 'adprep' reimplementation (using the public script files
>>> MS published, thanks MS!), to allow this, and before that recommended
>>> going via a MS server to run their adprep, Microsoft fixed some bugs we
>>> alerted them to.
>>>
>>> That I understand now allows a join directly.
>>>
>>> Andrew Bartlett
>>>

More information about the samba mailing list