[Samba] Can't join new samba dc to existing dc

fransnicho fransnicho at gmail.com
Fri Aug 16 03:39:55 UTC 2024


 Hi Luis,
Thanks for your response 🙏

I have run :
it at dc4:~$ sudo samba-tool domain tombstones expunge --tombstone-lifetime=0
Removed 2 objects and 0 links successfully
it at dc4:~$ sudo samba-tool dbcheck --cross-ncs --fix --yes
Checking 2918 objects
Checked 2918 objects (0 errors)
it at dc6:~$ sudo samba-tool domain join NICHO.COM DC -UAdministrator at NICHO.COM
--option='idmap_ldb:use rfc2307 = yes' --dns-backend=BIND9_DLZ --verbose
INFO 2024-08-16 10:05:08,284 pid:15996
/usr/lib/python3/dist-packages/samba/join.py #106: Finding a writeable DC
for domain 'NICHO.COM'
INFO 2024-08-16 10:05:08,313 pid:15996
/usr/lib/python3/dist-packages/samba/join.py #108: Found DC dc4.nicho.com
Password for [Administrator at NICHO.COM]:
INFO 2024-08-16 10:05:13,055 pid:15996
/usr/lib/python3/dist-packages/samba/join.py #1614: workgroup is NICHO
INFO 2024-08-16 10:05:13,055 pid:15996
/usr/lib/python3/dist-packages/samba/join.py #1617: realm is nicho.com
Adding CN=DC6,OU=Domain Controllers,DC=nicho,DC=com
Adding
CN=DC6,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=nicho,DC=com
Adding CN=NTDS
Settings,CN=DC6,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=nicho,DC=com
Join failed - cleaning up
Deleted CN=DC6,OU=Domain Controllers,DC=nicho,DC=com
Deleted
CN=DC6,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=nicho,DC=com
ERROR(runtime): uncaught exception - (8430, 'WERR_DS_INTERNAL_FAILURE')
  File "/usr/lib/python3/dist-packages/samba/netcmd/__init__.py", line 279,
in _run
    return self.run(*args, **kwargs)
           ^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/lib/python3/dist-packages/samba/netcmd/domain/join.py", line
128, in run
    join_DC(logger=logger, server=server, creds=creds, lp=lp, domain=domain,
  File "/usr/lib/python3/dist-packages/samba/join.py", line 1630, in join_DC
    ctx.do_join()
  File "/usr/lib/python3/dist-packages/samba/join.py", line 1518, in do_join
    ctx.join_add_objects()
  File "/usr/lib/python3/dist-packages/samba/join.py", line 673, in
join_add_objects
    ctx.join_add_ntdsdsa()
  File "/usr/lib/python3/dist-packages/samba/join.py", line 598, in
join_add_ntdsdsa
    ctx.DsAddEntry([rec])
  File "/usr/lib/python3/dist-packages/samba/join.py", line 517, in
DsAddEntry
    (level, ctr) = ctx.drsuapi.DsAddEntry(ctx.drsuapi_handle, 2, req2)
                   ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

But the error still exists (not clears).
Is there any other comand should i run to get more deep error information ?

Best Regards,
Nicho.

Pada Kam, 15 Agu 2024 pukul 23.44 Luis Peromarta via samba <
samba at lists.samba.org> menulis:

> Can you run
> samba-tool domain tombstones expunge --tombstone-lifetime=0
>
>
> And
> samba-tool dbcheck --cross-ncs --fix --yes
>
>
> And see if the error clears.
>
> On 15 Aug 2024 at 18:20 +0200, fransnicho via samba <samba at lists.samba.org>,
> wrote:
> > On Thu, Aug 15, 2024, 10:35 fransnicho <fransnicho at gmail.com> wrote:
> >
> > > Pada Rab, 14 Agu 2024 pukul 23.21 Rowland Penny via samba <
> > > samba at lists.samba.org> menulis:
> > >
> > > > On Wed, 14 Aug 2024 16:58:12 +0700
> > > > fransnicho via samba <samba at lists.samba.org> wrote:
> > > >
> > > > > I can not join an additional new samba dc ver. 4.19.5 to an
> existing
> > > > > samba Ad version 4.19.5 functional level 2008 R2.
> > > > >
> > > > > Last week I successfully demote an offline dc3 and move the fsmo
> role
> > > >
> > > > > /var/log/samba/log.samba
> > > > >
> > > > >
> > > > > 16:34:51.368927, 0]
> > > > >
> > > >
> ../../source4/dsdb/repl/replicated_objects.c:1244(dsdb_origin_objects_commit)
> > > > > ../../source4/dsdb/repl/replicated_objects.c:1244: Failed add of
> > > > > CN=NTDS
> > > > >
> > > >
> Settings,CN=DC6,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=nicho,DC=com
> > > > > - objectclass_attrs: attribute 'hasMasterNCs' on entry 'CN=NTDS
> > > > >
> > > >
> Settings,CN=DC6,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=nicho,DC=com'
> > > > > does not exist in the specified objectclasses!
> > > > > [2024/08/14 16:34:51.369239, 0]
> > > > >
> > > >
> ../../source4/rpc_server/drsuapi/addentry.c:209(dcesrv_drsuapi_DsAddEntry)
> > > > > ../../source4/rpc_server/drsuapi/addentry.c:209: DsAddEntry failed
> -
> > > > > WERR_DS_INTERNAL_FAILURE
> > > >
> > > > Have you checked your database with 'samba-tool dbcheck' ?
> > > > Does 'DC6' exist ?
> > > >
> > > > Rowland
> > > >
> > > >
> > > Hi Rowland,
> > > Thanks for your response 🙏
> > > DC6 exist in many deleted objects, when i run below command :
> > >
> > > it at dc4:~$ sudo samba-tool dbcheck -v
> > > Checking 973 objects
> > > Checking object
> > > CN=DC6\0ADEL:7eec18e3-7f3f-49cc-86bc-8bc08b651bcb,CN=Deleted
> > > Objects,DC=nicho,DC=com
> > > Checking object
> > > CN=DC6\0ADEL:51476d30-2626-4169-97a8-4c240e934c2b,CN=Deleted
> > > Objects,DC=nicho,DC=com
> > > Checking object
> > > CN=DC6\0ADEL:54a0a479-a462-4ed1-b4f0-221c596aa455,CN=Deleted
> > > Objects,DC=nicho,DC=com
> > > Checking object
> > > CN=DC6\0ADEL:26516d46-8b40-4837-a112-e2638268a8b5,CN=Deleted
> > > Objects,DC=nicho,DC=com
> > >
> > > Best Regards,
> > > Nicho.
> > >
> > >
> > Hi Rowland,
> > Is there anything wrong with my database ?
> > I'm really2 stuck with the error. Please help..
> >
> > Best Regards,
> >
> > >
> > --
> > To unsubscribe from this list go to the following URL and read the
> > instructions: https://lists.samba.org/mailman/options/samba
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba
>


More information about the samba mailing list