todd kman
2012-Nov-28 22:52 UTC
[Samba] samba 4 join error to MS Server 2003 - WERR_GENERAL_FAILURE
Hi all, I am just experimenting with Samba 4. I have a Ubuntu server 12.04 with samba 4 compiled successfully.? I have webmin installed as well. I am trying to connect the Ubuntu/Samba server on system GIS30 to a web domain called CODOMAIN. CODOMAIN is administered by gis-server-2 a Microsoft Windows Server 2003 R2, Standard x64 - Edition Version 5.2 (Build 3790 : Service Pack 2) (x64). Gis-server-2 is an Active Directory server, and Exchange server.? (Exchange Server 2007 Microsoft Corporation Version: 08.01.0436.000) If I was to guess it looks like the Exchange server component is causing some problem. I can see others referencing the error "Failed to commit objects: WERR_GENERAL_FAILURE" The following thread was from July 2012 and it appears some fix was put into the main but I believe I have downloaded and compiled a more current release of Samba 4 and yet I am still getting this error. http://samba.2283325.n4.nabble.com/Can-t-join-as-DC-on-Samba4-Beta4-5-td4634916.html Is there an update on this? Thanks for any help. When I attempt the join it fails. Below is the command line display. root at gis30://root/samba-master# bin/samba-tool domain join CODOMAIN.LOCAL DC --username=nwadmin --realm=CODOMAIN.LOCAL Finding a writeable DC for domain 'CODOMAIN.LOCAL' Found DC gis-server-2.CODomain.local Password for [CODOMAIN\nwadmin]: workgroup is CODOMAIN realm is CODomain.local checking sAMAccountName Adding CN=GIS30,OU=Domain Controllers,DC=CODomain,DC=local Adding CN=GIS30,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=CODomain,DC=local Adding CN=NTDS Settings,CN=GIS30,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=CODomain,DC=local Adding SPNs to CN=GIS30,OU=Domain Controllers,DC=CODomain,DC=local Setting account password for GIS30$ Enabling account Calling bare provision No IPv6 address will be assigned Provision OK for domain DN DC=CODomain,DC=local Starting replication Schema-DN[CN=Schema,CN=Configuration,DC=CODomain,DC=local] objects[402] linked_values[0] Schema-DN[CN=Schema,CN=Configuration,DC=CODomain,DC=local] objects[804] linked_values[0] Schema-DN[CN=Schema,CN=Configuration,DC=CODomain,DC=local] objects[1206] linked_values[0] Schema-DN[CN=Schema,CN=Configuration,DC=CODomain,DC=local] objects[1608] linked_values[0] Schema-DN[CN=Schema,CN=Configuration,DC=CODomain,DC=local] objects[2010] linked_values[0] Schema-DN[CN=Schema,CN=Configuration,DC=CODomain,DC=local] objects[2412] linked_values[0] Schema-DN[CN=Schema,CN=Configuration,DC=CODomain,DC=local] objects[2814] linked_values[0] Schema-DN[CN=Schema,CN=Configuration,DC=CODomain,DC=local] objects[3032] linked_values[0] Analyze and apply schema objects Partition[CN=Configuration,DC=CODomain,DC=local] objects[402] linked_values[0] Partition[CN=Configuration,DC=CODomain,DC=local] objects[804] linked_values[0] Partition[CN=Configuration,DC=CODomain,DC=local] objects[1206] linked_values[0] Partition[CN=Configuration,DC=CODomain,DC=local] objects[1608] linked_values[0] Partition[CN=Configuration,DC=CODomain,DC=local] objects[2010] linked_values[0] Partition[CN=Configuration,DC=CODomain,DC=local] objects[2412] linked_values[0] Partition[CN=Configuration,DC=CODomain,DC=local] objects[2814] linked_values[0] Partition[CN=Configuration,DC=CODomain,DC=local] objects[3216] linked_values[0] Partition[CN=Configuration,DC=CODomain,DC=local] objects[3618] linked_values[0] Partition[CN=Configuration,DC=CODomain,DC=local] objects[4009] linked_values[0] Partition[CN=Configuration,DC=CODomain,DC=local] objects[4238] linked_values[0] Partition[CN=Configuration,DC=CODomain,DC=local] objects[4395] linked_values[0] Partition[CN=Configuration,DC=CODomain,DC=local] objects[4554] linked_values[0] Partition[CN=Configuration,DC=CODomain,DC=local] objects[4737] linked_values[0] Partition[CN=Configuration,DC=CODomain,DC=local] objects[4837] linked_values[0] Partition[CN=Configuration,DC=CODomain,DC=local] objects[4922] linked_values[0] Partition[CN=Configuration,DC=CODomain,DC=local] objects[5010] linked_values[0] Partition[CN=Configuration,DC=CODomain,DC=local] objects[5097] linked_values[0] Partition[CN=Configuration,DC=CODomain,DC=local] objects[5183] linked_values[0] Partition[CN=Configuration,DC=CODomain,DC=local] objects[5272] linked_values[0] Partition[CN=Configuration,DC=CODomain,DC=local] objects[5411] linked_values[0] Failed to apply records: attribute 'msExchOWATranscodingFileTypes': value #1 on 'CN=owa (Default Web Site),CN=HTTP,CN=Protocols,CN=GIS-SERVER-2,CN=Servers,CN=Exchange Administrative Group (FYDIBOHF23SPDLT),CN=Administrative Groups,CN=First Organization,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=CODomain,DC=local' provided more than once: Attribute or value exists Failed to commit objects: WERR_GENERAL_FAILURE Join failed - cleaning up checking sAMAccountName Deleted CN=GIS30,OU=Domain Controllers,DC=CODomain,DC=local Deleted CN=NTDS Settings,CN=GIS30,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=CODomain,DC=local Deleted CN=GIS30,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=CODomain,DC=local ERROR(<type 'exceptions.TypeError'>): uncaught exception - Failed to process chunk: NT_STATUS_UNSUCCESSFUL File "bin/python/samba/netcmd/__init__.py", line 175, in _run return self.run(*args, **kwargs) File "bin/python/samba/netcmd/domain.py", line 552, in run machinepass=machinepass, use_ntvfs=use_ntvfs, dns_backend=dns_backend) File "bin/python/samba/join.py", line 1104, in join_DC ctx.do_join() File "bin/python/samba/join.py", line 1009, in do_join ctx.join_replicate() File "bin/python/samba/join.py", line 734, in join_replicate replica_flags=ctx.replica_flags) File "bin/python/samba/drs_utils.py", line 252, in replicate schema=schema, req_level=req_level, req=req) root at gis30://root/samba-master#
Andrew Bartlett
2012-Dec-22 08:51 UTC
[Samba] samba 4 join error to MS Server 2003 - WERR_GENERAL_FAILURE
On Wed, 2012-11-28 at 14:52 -0800, todd kman wrote:> Hi all, > I am just experimenting with Samba 4. > I have a Ubuntu server 12.04 with samba 4 compiled successfully. I have webmin installed as well. > I am trying to connect the Ubuntu/Samba server on system GIS30 to a web domain called CODOMAIN. > CODOMAIN is administered by gis-server-2 a Microsoft Windows Server 2003 R2, Standard x64 - Edition Version 5.2 (Build 3790 : Service Pack 2) (x64). > Gis-server-2 is an Active Directory server, and Exchange server. (Exchange Server 2007 Microsoft Corporation Version: 08.01.0436.000) > If I was to guess it looks like the Exchange server component is causing some problem. > > I can see others referencing the error "Failed to commit objects: WERR_GENERAL_FAILURE" > The following thread was from July 2012 and it appears some fix was put into the main but I believe I have downloaded and compiled a more current release of Samba 4 and yet I am still getting this error. > http://samba.2283325.n4.nabble.com/Can-t-join-as-DC-on-Samba4-Beta4-5-td4634916.html > > Is there an update on this?> Failed to apply > records: attribute 'msExchOWATranscodingFileTypes': value #1 on > 'CN=owa (Default Web > Site),CN=HTTP,CN=Protocols,CN=GIS-SERVER-2,CN=Servers,CN=Exchange > Administrative Group (FYDIBOHF23SPDLT),CN=Administrative > Groups,CN=First Organization,CN=Microsoft > Exchange,CN=Services,CN=Configuration,DC=CODomain,DC=local' provided > more than once: Attribute or value exists > Failed to commit > objects: WERR_GENERAL_FAILURE > Join failed -As I said on IRC (but following up here so others might understand the situation better, and so we can loop back to you about fixing this up properly): In short, your other DCs have sent you the same value twice in a multi-valued attribute. This isn't valid LDAP, and we are being stricter than Microsoft is, or we consider two values to be equivalent when Microsoft considers them distinct. The issue is that we haven't tested much with importing exchange-enabled domains so we just haven't seen this before, and so we need to work out how to handle this particular 'violation'. Mostly, we have found that AD doesn't re-check schema syntax during replication, so if somehow a duplicate does get into the system, it will not cause replication to fail. We are stricter, mostly due to the layering of our databases. We may have to turn that off. Running this: ldbsearch -Uadministrator -H ldap://ms-dc -s base -b "CN=owa (Default Web Site),CN=HTTP,CN=Protocols,CN=GIS-SERVER-2,CN=Servers,CN=Exchange Administrative Group (FYDIBOHF23SPDLT),CN=Administrative Groups,CN=First Organization,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=CODomain,DC=local" msExchOWATranscodingFileTypes should give us more clues here, and help us solve this for the long term. Please file a bug with this info in the meantime, so we can track this. Thanks, Andrew Bartlett -- Andrew Bartlett http://samba.org/~abartlet/ Authentication Developer, Samba Team http://samba.org
Reasonably Related Threads
- Joining Samba4 to Domain as DC with Small Business Server 2008 - error with Exchange ldap entries
- samba 4 domain join to win 2008r2 level DC w/ a schema with exchange 2010 extensions: replication after the join is broken
- Errors connecting to Windows Domain with Samba 4.
- WERR_GENERAL_FAILURE joining Samba4 to Win 2k3 domain with Exchange 2007
- DRS replication fails with Windows 2003 R2