[Samba] Issues joining DC

Josep Maria Gorro jmgorro at gmail.com
Sun Jun 16 07:09:38 UTC 2024 

Hello Luis.
Thanks for the response. I've tried but appears same result.

    [root at tibidabo ~]# samba-tool dbcheck --cross-ncs --fix --yes
    ltdb:
    tdb(/usr/local/samba/private/sam.ldb.d/DC=DOMAINDNSZONES,DC=DOMAINNAME,DC=LAN.ldb):
    tdb_rec_read bad magic 0xd9fee666 at offset=3878500

    ERROR(ldb): uncaught exception - Indexed and full searches both failed!

       File
    "/usr/local/samba/lib64/python2.7/site-packages/samba/netcmd/__init__.py",
    line 176, in _run
         return self.run(*args, **kwargs)
       File
    "/usr/local/samba/lib64/python2.7/site-packages/samba/netcmd/dbcheck.py",
    line 157, in run
         controls=controls, attrs=attrs)
       File
    "/usr/local/samba/lib64/python2.7/site-packages/samba/dbchecker.py",
    line 188, in check_database
         res = self.samdb.search(base=DN, scope=scope, attrs=['dn'],
    controls=controls)


It sounds to me that the issue is something related to DNS zone stored 
on AD.
I've take a look at DNS administrator and all seems to be OK. No errors. 
And resolutions OK.
Are there any tool to manually check AD data, record by record, in order 
to manually correct any error?

I found thread 
https://lists.samba.org/archive/samba/2018-July/217379.html that seems 
to be similar, but in that case there was 2 DC. Here I have only one.
On last message Rowland says:

    Ah, you are using a self compiled Samba, this is even easier,
    move /usr/local/samba to /usr/local/oldsamba , then run 'make install
    again. You will get a perfectly new /usr/local/samba again ;-)

I'm using a self compiled Samba too. But removing all files will erase 
also AD information too, isn't it?

Thanks a lot.

El 15/06/2024 a las 21:41, Luis Peromarta via samba escribió:
> Try this and revert back.
> samba-tool dbcheck --cross-ncs --fix --yes
>
>
> LP
> On 15 Jun 2024 at 20:29 +0100, Josep Maria Gorro via samba<samba at lists.samba.org>, wrote:
>> Dear all.
>>
>> Let me make a shot brief of the issue I'm currently experiencing that
>> has been published in a couple of threads. Now I'm going to join them here.
>>
>> Current scenario.
>> Centos7 running a Samba 4.6.5. Any kind of problem at client side, all
>> seems to runs fine. But in some cases the AD objects appears on Windows
>> clients as their SID instead of their name.
>>
>> Rowland has suggested to upgrade Samba (very good proposal). To do this
>> the better steps are:
>> 1.- Install another computer.
>> 2.- Joining it to the domain as a DC.
>> 3.- Migrate FSMO roles from old one to new one.
>> 4.- Demote old DC and remove from AD.
>>
>> So, hands on. Following Luis recommendations, I installed a fresh Debian
>> 12 and followed their setup guide
>> (http://samba.bigbird.es/doku.php?id=samba:start) that is really good.
>> All steps ran fine. But when samba-tool domain join is launched an error
>> appears:
>>
>> Join failed - cleaning up
>>
>> Another time, thanks to Rowland, I used the -d10 parameter to send
>> stdout and stderr to files when launching the samba-tool.
>> Reading the more than 200MB file I can see an error
>> "WERR_DS_DRA_INTERNAL_ERROR". This error appears after lot of AD objects
>> has been processed to be replicated.
>>
>> So this drives me to think that something is failed on AD database.
>>
>> I usually use samba-tool dbcheck (because I don't have any replica) and
>> always the result is OK. But I tried to run samba-tool dbcheck
>> --cross-ncs and this error appears
>>
>> ltdb:
>> tdb(/usr/local/samba/private/sam.ldb.d/DC=DOMAINDNSZONES,DC=DOMAINNAME,DC=LAN.ldb):
>> tdb_rec_read bad magic 0xd9fee666 at offset=3878500
>>
>> ERROR(ldb): uncaught exception - Indexed and full searches both failed!
>>
>>    File
>> "/usr/local/samba/lib64/python2.7/site-packages/samba/netcmd/__init__.py",
>> line 176, in _run
>>      return self.run(*args, **kwargs)
>>    File
>> "/usr/local/samba/lib64/python2.7/site-packages/samba/netcmd/dbcheck.py",
>> line 157, in run
>>      controls=controls, attrs=attrs)
>>    File
>> "/usr/local/samba/lib64/python2.7/site-packages/samba/dbchecker.py",
>> line 188, in check_database
>>      res = self.samdb.search(base=DN, scope=scope, attrs=['dn'],
>> controls=controls)
>>
>> Could this error the reason I can't merge new DC to the domain?
>> Can this be solved?
>>
>> Thanks a lot for your valuable help.
>>
>> --
>> ------------------------------------------------------------------------
>> Josep M. Gorro<mailto:jmgorro at gmail.com>
>> *Systems engineer*
>>
>> --
>> Este correo electrónico ha sido analizado en busca de virus por el software antivirus de Avast.
>> www.avast.com
>> --
>> To unsubscribe from this list go to the following URL and read the
>> instructions:https://lists.samba.org/mailman/options/samba

-- 
------------------------------------------------------------------------
Josep M. Gorro <mailto:jmgorro at gmail.com>
*Systems engineer*

-- 
Este correo electrónico ha sido analizado en busca de virus por el software antivirus de Avast.
www.avast.com

More information about the samba mailing list