Jacó Ramos
2013-Oct-11 15:06 UTC
[Samba] Samba 4.1.0 join Windows 2003 Server with BIND9_DLZ
Hi guys,

When I run the join as a DC:

root@samba4:~# samba-tool domain join jacoramos.net.br DC -Uadministrador --realm=jacoramos.net.br --dns-backend=BIND9_DLZ
Finding a writeable DC for domain 'jacoramos.net.br'
Found DC win2003.jacoramos.net.br
Password for [WORKGROUP\administrador]:
workgroup is JACORAMOS
realm is jacoramos.net.br
checking sAMAccountName
Adding CN=SAMBA4,OU=Domain Controllers,DC=jacoramos,DC=net,DC=br
Adding CN=SAMBA4,CN=Servers,CN=Primeiro-site-padrao,CN=Sites,CN=Configuration,DC=jacoramos,DC=net,DC=br
Adding CN=NTDS Settings,CN=SAMBA4,CN=Servers,CN=Primeiro-site-padrao,CN=Sites,CN=Configuration,DC=jacoramos,DC=net,DC=br
Adding SPNs to CN=SAMBA4,OU=Domain Controllers,DC=jacoramos,DC=net,DC=br
Setting account password for SAMBA4$
Enabling account
Adding DNS account CN=dns-SAMBA4,CN=Users,DC=jacoramos,DC=net,DC=br with dns/ SPN
Join failed - cleaning up
checking sAMAccountName
Deleted CN=SAMBA4,OU=Domain Controllers,DC=jacoramos,DC=net,DC=br
Deleted CN=NTDS Settings,CN=SAMBA4,CN=Servers,CN=Primeiro-site-padrao,CN=Sites,CN=Configuration,DC=jacoramos,DC=net,DC=br
Deleted CN=SAMBA4,CN=Servers,CN=Primeiro-site-padrao,CN=Sites,CN=Configuration,DC=jacoramos,DC=net,DC=br
ERROR(ldb): uncaught exception - LDAP error 53 LDAP_UNWILLING_TO_PERFORM - <0000052D: SvcErr: DSID-031A0FC0, problem 5003 (WILL_NOT_PERFORM), data 0> <>
  File "/usr/local/samba/lib/python2.7/site-packages/samba/netcmd/__init__.py", line 175, in _run
    return self.run(*args, **kwargs)
  File "/usr/local/samba/lib/python2.7/site-packages/samba/netcmd/domain.py", line 552, in run
    machinepass=machinepass, use_ntvfs=use_ntvfs, dns_backend=dns_backend)
  File "/usr/local/samba/lib/python2.7/site-packages/samba/join.py", line 1169, in join_DC
    ctx.do_join()
  File "/usr/local/samba/lib/python2.7/site-packages/samba/join.py", line 1072, in do_join
    ctx.join_add_objects()
  File "/usr/local/samba/lib/python2.7/site-packages/samba/join.py", line 616, in join_add_objects
    ctx.samdb.add(msg)
root@samba4:~#
-----------------------------------------------

Anyone have any ideas?

--
"Man was not created to be happy nor to win, but to live for God. When he lives for God, he is happy and wins." Isaltino Gomes

$whoami
- Computer Forensics Expert
- Pentester
- Specialist in Computer Network Security with an emphasis on Computer Forensics - FACID
- Bachelor of Computer Science - UESPI
- Computer Network Administrator
- CCNA Module II
- Lattes: http://lattes.cnpq.br/1591329268136905

This message may contain confidential and/or privileged information. If you are not the addressee or the person authorized to receive this message, you must not use, copy or disclose the information contained in it or take any action based on that information.
Gregory Sloop
2013-Oct-11 15:22 UTC
[Samba] Samba 4.1.0 join Windows 2003 Server with BIND9_DLZ
Wild guess:

The errors I see all have to do with an account that doesn't have a password, the password is expired etc.

Are you *sure* the account you're using to join with is valid, and works properly in other contexts?

Do some Google searches on:
[SvcErr: DSID-031A0FC0, problem 5003 (WILL_NOT_PERFORM), data 0]
and you'll see what I mean.

That doesn't mean that's the problem, but that's what I get out of it - perhaps incorrectly.

-Greg

JR> Hi guys,
JR> When I run the join as a DC:
JR> root@samba4:~# samba-tool domain join jacoramos.net.br DC -Uadministrador
JR> --realm=jacoramos.net.br --dns-backend=BIND9_DLZ
JR> Finding a writeable DC for domain 'jacoramos.net.br'
JR> Found DC win2003.jacoramos.net.br
JR> Password for [WORKGROUP\administrador]:
JR> workgroup is JACORAMOS
JR> realm is jacoramos.net.br
JR> checking sAMAccountName
JR> Adding CN=SAMBA4,OU=Domain Controllers,DC=jacoramos,DC=net,DC=br
JR> Adding
JR> CN=SAMBA4,CN=Servers,CN=Primeiro-site-padrao,CN=Sites,CN=Configuration,DC=jacoramos,DC=net,DC=br
JR> Adding CN=NTDS
JR> Settings,CN=SAMBA4,CN=Servers,CN=Primeiro-site-padrao,CN=Sites,CN=Configuration,DC=jacoramos,DC=net,DC=br
JR> Adding SPNs to CN=SAMBA4,OU=Domain
JR> Controllers,DC=jacoramos,DC=net,DC=br
JR> Setting account password for SAMBA4$
JR> Enabling account
JR> Adding DNS account
JR> CN=dns-SAMBA4,CN=Users,DC=jacoramos,DC=net,DC=br with
JR> dns/ SPN
JR> Join failed - cleaning up
JR> checking sAMAccountName
JR> Deleted CN=SAMBA4,OU=Domain Controllers,DC=jacoramos,DC=net,DC=br
JR> Deleted CN=NTDS
JR> Settings,CN=SAMBA4,CN=Servers,CN=Primeiro-site-padrao,CN=Sites,CN=Configuration,DC=jacoramos,DC=net,DC=br
JR> Deleted
JR> CN=SAMBA4,CN=Servers,CN=Primeiro-site-padrao,CN=Sites,CN=Configuration,DC=jacoramos,DC=net,DC=br
JR> ERROR(ldb): uncaught exception - LDAP error 53 LDAP_UNWILLING_TO_PERFORM -
JR> <0000052D: SvcErr: DSID-031A0FC0, problem 5003 (WILL_NOT_PERFORM), data 0> <>
JR> File
JR> "/usr/local/samba/lib/python2.7/site-packages/samba/netcmd/__init__.py",
JR> line 175, in _run
JR> return self.run(*args, **kwargs)
JR> File
JR> "/usr/local/samba/lib/python2.7/site-packages/samba/netcmd/domain.py", line
JR> 552, in run
JR> machinepass=machinepass, use_ntvfs=use_ntvfs, dns_backend=dns_backend)
JR> File
JR> "/usr/local/samba/lib/python2.7/site-packages/samba/join.py", line
JR> 1169, in join_DC
JR> ctx.do_join()
JR> File
JR> "/usr/local/samba/lib/python2.7/site-packages/samba/join.py", line
JR> 1072, in do_join
JR> ctx.join_add_objects()
JR> File
JR> "/usr/local/samba/lib/python2.7/site-packages/samba/join.py", line
JR> 616, in join_add_objects
JR> ctx.samdb.add(msg)
JR> root@samba4:~#
JR> -----------------------------------------------
JR> Anyone have any ideas?
JR> --
JR> "Man was not created to be happy nor to win, but to live
JR> for God. When he lives for God, he is happy and wins." Isaltino Gomes
JR> $whoami
JR> - Computer Forensics Expert
JR> - Pentester
JR> - Specialist in Computer Network Security with an emphasis on Computer
JR> Forensics - FACID
JR> - Bachelor of Computer Science - UESPI
JR> - Computer Network Administrator
JR> - CCNA Module II
JR> - Lattes: http://lattes.cnpq.br/1591329268136905
JR> This message may contain confidential and/or privileged information. If
JR> you are not the addressee or the person authorized to receive this message,
JR> you must not use, copy or disclose the information contained in it or take
JR> any action based on that information.
Andrew Bartlett
2013-Oct-12 18:54 UTC
[Samba] [PATCH] Fix Samba 4.1.0 join Windows 2003 Server with BIND9_DLZ
On Fri, 2013-10-11 at 12:06 -0300, Jacó Ramos wrote:
> Hi guys,
>
> When I run the join as a DC:
>
> root@samba4:~# samba-tool domain join jacoramos.net.br DC -Uadministrador
> --realm=jacoramos.net.br --dns-backend=BIND9_DLZ
> Finding a writeable DC for domain 'jacoramos.net.br'
> Found DC win2003.jacoramos.net.br
> Password for [WORKGROUP\administrador]:
> workgroup is JACORAMOS
> realm is jacoramos.net.br
> checking sAMAccountName
> Adding CN=SAMBA4,OU=Domain Controllers,DC=jacoramos,DC=net,DC=br
> Adding
> CN=SAMBA4,CN=Servers,CN=Primeiro-site-padrao,CN=Sites,CN=Configuration,DC=jacoramos,DC=net,DC=br
> Adding CN=NTDS
> Settings,CN=SAMBA4,CN=Servers,CN=Primeiro-site-padrao,CN=Sites,CN=Configuration,DC=jacoramos,DC=net,DC=br
> Adding SPNs to CN=SAMBA4,OU=Domain Controllers,DC=jacoramos,DC=net,DC=br
> Setting account password for SAMBA4$
> Enabling account
> Adding DNS account CN=dns-SAMBA4,CN=Users,DC=jacoramos,DC=net,DC=br with
> dns/ SPN
> Join failed - cleaning up
> checking sAMAccountName
> Deleted CN=SAMBA4,OU=Domain Controllers,DC=jacoramos,DC=net,DC=br
> Deleted CN=NTDS
> Settings,CN=SAMBA4,CN=Servers,CN=Primeiro-site-padrao,CN=Sites,CN=Configuration,DC=jacoramos,DC=net,DC=br
> Deleted
> CN=SAMBA4,CN=Servers,CN=Primeiro-site-padrao,CN=Sites,CN=Configuration,DC=jacoramos,DC=net,DC=br
> ERROR(ldb): uncaught exception - LDAP error 53 LDAP_UNWILLING_TO_PERFORM -
> <0000052D: SvcErr: DSID-031A0FC0, problem 5003 (WILL_NOT_PERFORM), data 0
> >
> <>
> File
> "/usr/local/samba/lib/python2.7/site-packages/samba/netcmd/__init__.py",
> line 175, in _run
> return self.run(*args, **kwargs)
> File
> "/usr/local/samba/lib/python2.7/site-packages/samba/netcmd/domain.py", line
> 552, in run
> machinepass=machinepass, use_ntvfs=use_ntvfs, dns_backend=dns_backend)
> File "/usr/local/samba/lib/python2.7/site-packages/samba/join.py", line
> 1169, in join_DC
> ctx.do_join()
> File "/usr/local/samba/lib/python2.7/site-packages/samba/join.py", line
> 1072, in do_join
> ctx.join_add_objects()
> File "/usr/local/samba/lib/python2.7/site-packages/samba/join.py", line
> 616, in join_add_objects
> ctx.samdb.add(msg)
> root@samba4:~#

Sorry about that. Try the attached patch.

Andrew Bartlett

--
Andrew Bartlett http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org

-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0001-provision-Do-not-set-dns-HOSTNAME-password-during-ad.patch
Type: text/x-patch
Size: 2675 bytes
Desc: not available
URL: <http://lists.samba.org/pipermail/samba/attachments/20131013/0a56a36e/attachment.bin>
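
Added example, not part of the thread and not Samba code: the extended error string that the Windows DC returned in the failed join carries a Win32 status in its leading hex field, and this sketch parses that string and names the code. The name table is a small subset of the Windows system error codes; `decode_ad_error` and `SAMPLE` are names made up here.

```python
import re

# Subset of Win32 system error codes that Active Directory commonly embeds
# in LDAP extended error strings (names from the Windows error code list).
WIN32_ERRORS = {
    0x005: "ERROR_ACCESS_DENIED",
    0x525: "ERROR_NO_SUCH_USER",
    0x52D: "ERROR_PASSWORD_RESTRICTION",
    0x52E: "ERROR_LOGON_FAILURE",
    0x532: "ERROR_PASSWORD_EXPIRED",
    0x533: "ERROR_ACCOUNT_DISABLED",
    0x773: "ERROR_PASSWORD_MUST_CHANGE",
    0x775: "ERROR_ACCOUNT_LOCKED_OUT",
}

LDAP_RE = re.compile(r"LDAP error (?P<code>\d+) (?P<name>LDAP_[A-Z_]+)")
# "<win32 hex>: <kind>: DSID-<hex>, problem <n> (<NAME>), data <hex>"
AD_RE = re.compile(
    r"(?P<win32>[0-9A-Fa-f]{8}):\s*(?P<kind>\w+):\s*DSID-(?P<dsid>[0-9A-Fa-f]{8}),"
    r"\s*problem\s+(?P<problem>\d+)\s*\((?P<pname>[A-Z_]+)\),"
    r"\s*data\s+(?P<data>-?[0-9A-Fa-f]+)"
)

def decode_ad_error(text):
    """Describe the first AD extended error found in text, or return None."""
    ad = AD_RE.search(text)
    if ad is None:
        return None
    win32 = int(ad.group("win32"), 16)
    result = {
        "win32_code": win32,
        "win32_name": WIN32_ERRORS.get(win32, "UNKNOWN"),
        "kind": ad.group("kind"),
        "dsid": ad.group("dsid").upper(),
        "problem": int(ad.group("problem")),
        "problem_name": ad.group("pname"),
        "data": ad.group("data"),
    }
    ldap = LDAP_RE.search(text)  # LDAP result code reported by ldb, if present
    if ldap:
        result["ldap_code"] = int(ldap.group("code"))
        result["ldap_name"] = ldap.group("name")
    return result

# Error line copied from the samba-tool output quoted in the thread.
SAMPLE = ("ERROR(ldb): uncaught exception - LDAP error 53 LDAP_UNWILLING_TO_PERFORM - "
          "<0000052D: SvcErr: DSID-031A0FC0, problem 5003 (WILL_NOT_PERFORM), data 0> <>")

if __name__ == "__main__":
    print(decode_ad_error(SAMPLE))
```

For the error in this thread the leading field 0000052D decodes to 1325, ERROR_PASSWORD_RESTRICTION, which Windows documents as a new password that does not meet the domain's length, complexity or history requirements.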