[Samba] samba-tool domain join: Unable to open tdb '/var/lib/samba/private/secrets.ldb': No such file or directory
Michael Tokarev
mjt at tls.msk.ru
Mon Oct 31 13:07:15 UTC 2022
I came across an interesting thing here.

When joining a samba AD DC domain with samba-tool domain join,
it gives the error message at the end, and later, winbindd
does the same thing a *lot*.
# samba-tool domain join tls.msk.ru -U mjt-adm
Password for [TLS\mjt-adm]:
libnet_join_precreate_machine_acct: Machine account successfully created
join: struct secrets_domain_infoB
[skip large dump of struct secrets_domain_infoB...]
Host account for WH does not have msDS-AdditionalDnsHostName.
Host account for WH does not have msDS-AdditionalDnsHostName.
Host account for WH does not have msDS-AdditionalDnsHostName.
Host account for WH does not have msDS-AdditionalDnsHostName.
Host account for WH does not have msDS-AdditionalDnsHostName.
Host account for WH does not have msDS-AdditionalDnsHostName.
Host account for WH does not have msDS-AdditionalDnsHostName.
Host account for WH does not have msDS-AdditionalDnsHostName.
Host account for WH does not have msDS-AdditionalDnsHostName.
Host account for WH does not have msDS-AdditionalDnsHostName.
ldb: Unable to open tdb '/var/lib/samba/private/secrets.ldb': No such file or directory
ldb: Failed to connect to '/var/lib/samba/private/secrets.ldb' with backend 'tdb': Unable to open tdb '/var/lib/samba/private/secrets.ldb': No such file or directory
Joined domain tls.msk.ru (S-1-5-21-411424318-379842365-2075518510)
# _
So it looks like it joined successfully (though it does not
add a uid to the machine account), despite these error
messages.
However, after starting winbindd and smbd, and trying to
connect to the new member server, the following errors
are logged in /var/log/samba/log.wb-TLS:
[2022/10/31 16:02:43.434454, 1] ../../lib/ldb-samba/ldb_wrap.c:79(ldb_wrap_debug)
ldb: Unable to open tdb '/var/lib/samba/private/secrets.ldb': No such file or directory
[2022/10/31 16:02:43.434499, 1] ../../lib/ldb-samba/ldb_wrap.c:79(ldb_wrap_debug)
ldb: Failed to connect to '/var/lib/samba/private/secrets.ldb' with backend 'tdb': Unable to open tdb '/var/lib/samba/private/secrets.ldb': No such file or directory
[2022/10/31 16:02:43.961810, 1] ../../lib/ldb-samba/ldb_wrap.c:79(ldb_wrap_debug)
ldb: Unable to open tdb '/var/lib/samba/private/secrets.ldb': No such file or directory
[2022/10/31 16:02:43.961859, 1] ../../lib/ldb-samba/ldb_wrap.c:79(ldb_wrap_debug)
ldb: Failed to connect to '/var/lib/samba/private/secrets.ldb' with backend 'tdb': Unable to open tdb '/var/lib/samba/private/secrets.ldb': No such file or directory
...
And indeed, there's only secrets.tdb there, but not secrets.ldb.
When rejoining the domain, I clear all files in /var/lib/samba, /var/cache/samba
and /run/samba, so it is all fresh new.
What's wrong?
Thanks!
/mjt
smb.conf:
# Global parameters
[global]
dedicated keytab file = /etc/krb5.keytab
disable spoolss = Yes
kerberos method = secrets and keytab
log file = /var/log/samba/log.%m
log level = 1
max log size = 1000
netbios name = WH
realm = TLS.MSK.RU
workgroup = TLS
security = ADS
server role = member server
winbind use default domain = Yes
idmap config tls : backend = ad
idmap config tls : range = 1000-4999
idmap config tls : schema_mode = rfc2307
idmap config tls : unix_primary_group = yes
idmap config * : backend = tdb
idmap config * : range = 5000-5099
hosts allow = 192.168.177.0/26 127.0.0.0/8
[homes]
browseable = No
comment = Home Directories
read only = No