[Samba] Issues joining DC

Josep Maria Gorro jmgorro at gmail.com
Sat Jun 15 19:29:11 UTC 2024 

Dear all.

Let me make a shot brief of the issue I'm currently experiencing that 
has been published in a couple of threads. Now I'm going to join them here.

Current scenario.
Centos7 running a Samba 4.6.5. Any kind of problem at client side, all 
seems to runs fine. But in some cases the AD objects appears on Windows 
clients as their SID instead of their name.

Rowland has suggested to upgrade Samba (very good proposal). To do this 
the better steps are:
1.- Install another computer.
2.- Joining it to the domain as a DC.
3.- Migrate FSMO roles from old one to new one.
4.- Demote old DC and remove from AD.

So, hands on. Following Luis recommendations, I installed a fresh Debian 
12 and followed their setup guide 
(http://samba.bigbird.es/doku.php?id=samba:start) that is really good.
All steps ran fine. But when samba-tool domain join is launched an error 
appears:

Join failed - cleaning up

Another time, thanks to Rowland, I used the -d10 parameter to send 
stdout and stderr to files when launching the samba-tool.
Reading the more than 200MB file I can see an error 
"WERR_DS_DRA_INTERNAL_ERROR". This error appears after lot of AD objects 
has been processed to be replicated.

So this drives me to think that something is failed on AD database.

I usually use samba-tool dbcheck (because I don't have any replica) and 
always the result is OK. But I tried to run samba-tool dbcheck 
--cross-ncs and this error appears

    ltdb:
    tdb(/usr/local/samba/private/sam.ldb.d/DC=DOMAINDNSZONES,DC=DOMAINNAME,DC=LAN.ldb):
    tdb_rec_read bad magic 0xd9fee666 at offset=3878500

    ERROR(ldb): uncaught exception - Indexed and full searches both failed!

       File
    "/usr/local/samba/lib64/python2.7/site-packages/samba/netcmd/__init__.py",
    line 176, in _run
         return self.run(*args, **kwargs)
       File
    "/usr/local/samba/lib64/python2.7/site-packages/samba/netcmd/dbcheck.py",
    line 157, in run
         controls=controls, attrs=attrs)
       File
    "/usr/local/samba/lib64/python2.7/site-packages/samba/dbchecker.py",
    line 188, in check_database
         res = self.samdb.search(base=DN, scope=scope, attrs=['dn'],
    controls=controls)

Could this error the reason I can't merge new DC to the domain?
Can this be solved?

Thanks a lot for your valuable help.

-- 
------------------------------------------------------------------------
Josep M. Gorro <mailto:jmgorro at gmail.com>
*Systems engineer*

-- 
Este correo electrónico ha sido analizado en busca de virus por el software antivirus de Avast.
www.avast.com

More information about the samba mailing list