[Samba] LDAP error 53 LDAP_UNWILLING_TO_PERFORM

Omnis ludis - games sergey.gortinsc17 at gmail.com
Tue May 28 14:58:55 UTC 2024 

A Windows-based domain controller is definitely not an RODC, I can’t
understand why it goes to this line, I’m putting together a package for
testing myself, making some changes to it, maybe this is related to this,
tell me about local, why it’s not advisable to use .local

вт, 28 мая 2024 г. в 14:26, Rowland Penny via samba <samba at lists.samba.org>:

> On Tue, 28 May 2024 12:22:23 +0300
> Omnis ludis - games <sergey.gortinsc17 at gmail.com> wrote:
>
> > the CENTOS 7 operating system is used
>
> OK, but where did you get the Samba packages from, by default, Centos,
> like RHEL cannot be provisioned or joined as a DC.
>
> > the command to enter is as follows: samba-tool domain join
> > admugra.local DC -U Administrator --dns-backend=BIND9_DLZ
>
> Using '.local' is not recommended or supported.
>
> > --realm=ADMUGRA.LOCAL
> > --backend-store=mdb
>
> Don't change the backend, it isn't required.
>
> > --option="ad dc functional
> > level = 2016" --server=dc1.admugra.local -d 10
> > version exactly 4.19
>
> Sorry, but no it isn't, it will be in the format 4.19.x where 'x' is a
> number between (at present) 0 and 6
>
> > join to DC not RODC
>
> That is what I cannot understand, your error is this:
>
> ERROR(ldb): uncaught exception - LDAP error 53
> LDAP_UNWILLING_TO_PERFORM - <00002010: SvcErr: DSID-031A124C, problem
> 5003 (WILL_NOT_PERFORM), data 0> <> File "samba/netcmd/__init__.py",
> line 279, in samba.netcmd.Command._run File
> "samba/netcmd/domain/join.py", line 130, in
> samba.netcmd.domain.join.cmd_domain_join.run File "samba/join.py", line
> 1683, in samba.join.join_DC File "samba/join.py", line 1590, in
> samba.join.DCJoinContext.do_join File "samba/join.py", line 1563, in
> samba.join.DCJoinContext.do_join File "samba/join.py",
> logger.info("Joined domain %s (SID %s) as an RODC" % (ctx.domain_name,
> ctx.domsid))line 649, in samba.join.DCJoinContext.join_add_objects
> Adding CN=DCRED,OU=Domain Controllers,DC=domain,DC=local
>
> The last of the 'File' lines is where the error actually occurs and
> each one of the 'File' lines calls the next.
> If you download the 4.19.0 tarball and go to python/samba/join.py then
> to line 649, you will find that it is actually a blank line, but line
> 651 is: print("Adding %s" % ctx.server_dn), which is the last line of
> your error.
> Line 649 is part of join_add_objects
> The line above it in the error is line 1563, which is DCJoinContext and
> this calls 'ctx.do_join()', which, if it succeeds, runs the next line:
>
> logger.info("Joined domain %s (SID %s) as an RODC" % (ctx.domain_name,
>  ctx.domsid))
>
> So I come back to my original question, where did you get your Samba
> packages from ?
> You seem to running the command to join as a DC, but it seems to end up
> trying join as an RODC, unless I am missing something somewhere.
>
> Rowland
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba
>

More information about the samba mailing list