[Samba] Joining Windows Server 2022 to Samba Domain
Dawson Greeley
dgreeley at xes-inc.com
Wed May 10 15:04:44 UTC 2023
Hi,
I'm attempting to join a Windows Server 2022 to an existing domain Im running into issues as I am trying to migrate away from Samba DCs (:sad:)
I've been able to successfully join a Windows Server 2022 to a fresh domain without much trouble after following tranquil.it<https://samba.tranquil.it/doc/en/samba_advanced_methods/samba_add_windows_active_directory.html>'s guide as well as adding dsdb:schema update allowed=true to my /etc/samba/smb.conf on the domain controllers.
Unfortunately when attempting to join a Windows Server 2022 to the existing domain Im running into an issue with it applying sch75.ldf schema changes. The specific error is Insufficient Rights Ldap error code 50 and goes on about saying that the join user being in both Enterprise & Schema admin groups should resolve this but the user is indeed in both groups.
In both my brand new domain and existing domains the following can be assumed:
Samba version 4.17
Domain Functional Level 2008 R2
Just looking on input/guidance of where to debug on this existing domain where it thinks it has insufficient permissions. I know both the samba wiki & tranquil.it only state this is possible with 2012 Windows DC's but I was able to get it working on a fresh instance and replication etc all seems to be working fine. Im looking to avoid needing to spin up an older version of Windows server to replicate from
TYIA,
Dawson
More information about the samba
mailing list