Hi Rowland, thanks for your reply.
I tried the command as suggested, and this is what I get:
[root at dc-02 ~]# samba-tool domain join EXAMPLE.COM DC -UAdministrator
--realm=EXAMPLE.COM --dns-backend=SAMBA_INTERNAL
Finding a writeable DC for domain 'EXAMPLE.COM'
Found DC dc-01.example.com
Password for [WORKGROUP\Administrator]:
workgroup is EXAMPLE
realm is example.com
Adding CN=LIM-INF1-DNS-02,OU=Domain Controllers,DC=example,DC=com
Adding
CN=LIM-INF1-DNS-02,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=example,DC=com
Join failed - cleaning up
Deleted CN=LIM-INF1-DNS-02,OU=Domain Controllers,DC=example,DC=com
ERROR(ldb): uncaught exception - LDAP error 32 LDAP_NO_SUCH_OBJECT -
CN=Sites,CN=Configuration,DC=example,DC=com <0000208D: NameErr:
DSID-03100238, problem 2001 (NO_OBJECT), data 0, best match of:
'CN=Sites,CN=Configuration,DC=example,DC=com'> <>
File
"/usr/local/samba/lib64/python2.7/site-packages/samba/netcmd/__init__.py",
line 176, in _run
return self.run(*args, **kwargs)
File
"/usr/local/samba/lib64/python2.7/site-packages/samba/netcmd/domain.py",
line 652, in run
machinepass=machinepass, use_ntvfs=use_ntvfs, dns_backend=dns_backend)
File "/usr/local/samba/lib64/python2.7/site-packages/samba/join.py",
line
1253, in join_DC
ctx.do_join()
File "/usr/local/samba/lib64/python2.7/site-packages/samba/join.py",
line
1151, in do_join
ctx.join_add_objects()
File "/usr/local/samba/lib64/python2.7/site-packages/samba/join.py",
line
593, in join_add_objects
ctx.samdb.add(rec)
This is the content of /etc/hosts
[root at dc-02 ~]# cat /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4
localhost4.localdomain4 dc-02.example.com dc-02
::1 localhost localhost.localdomain localhost6
localhost6.localdomain6
10.3.251.19 dc-01.example.com dc-01
Also, I tried by enabling debug level 3
[root at dc-02 ~]# samba-tool domain join EXAMPLE.COM DC -UAdministrator
--realm=EXAMPLE.COM --dns-backend=SAMBA_INTERNAL --debug 3
GENSEC backend 'gssapi_spnego' registered
GENSEC backend 'gssapi_krb5' registered
GENSEC backend 'gssapi_krb5_sasl' registered
GENSEC backend 'spnego' registered
GENSEC backend 'schannel' registered
GENSEC backend 'naclrpc_as_system' registered
GENSEC backend 'sasl-EXTERNAL' registered
GENSEC backend 'ntlmssp' registered
GENSEC backend 'ntlmssp_resume_ccache' registered
GENSEC backend 'http_basic' registered
GENSEC backend 'http_ntlm' registered
GENSEC backend 'krb5' registered
GENSEC backend 'fake_gssapi_krb5' registered
Finding a writeable DC for domain 'EXAMPLE.COM'
resolve_lmhosts: Attempting lmhosts lookup for name _ldap._tcp.EXAMPLE.COM
<0x0>
Found DC dc-01.example.com
resolve_lmhosts: Attempting lmhosts lookup for name
dc-01.example.com<0x20>
Password for [WORKGROUP\Administrator]:
Aquiring initiator credentials failed: kinit for Administrator at EXAMPLE.COM
failed (Wrong realm)
SPNEGO(gssapi_krb5) creating NEG_TOKEN_INIT failed: NT_STATUS_UNSUCCESSFUL
Got challenge flags:
Got NTLMSSP neg_flags=0x62898235
NTLMSSP: Set final flags:
Got NTLMSSP neg_flags=0x62088235
NTLMSSP Sign/Seal - Initialising with flags:
Got NTLMSSP neg_flags=0x62088235
NTLMSSP Sign/Seal - Initialising with flags:
Got NTLMSSP neg_flags=0x62088235
workgroup is EXAMPLE
realm is example.com
Adding CN=LIM-INF1-DNS-02,OU=Domain Controllers,DC=example,DC=com
Adding
CN=LIM-INF1-DNS-02,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=example,DC=com
Join failed - cleaning up
ldb_wrap open of secrets.ldb
Could not find machine account in secrets database: Failed to fetch machine
account password for EXAMPLE from both secrets.ldb (Could not find entry to
match filter: '(&(flatname=EXAMPLE)(objectclass=primaryDomain))'
base:
'cn=Primary Domains': No such object: dsdb_search at
../source4/dsdb/common/util.c:4575) and from
/var/lib/samba/private/secrets.tdb: NT_STATUS_CANT_ACCESS_DOMAIN_INFO
Deleted CN=LIM-INF1-DNS-02,OU=Domain Controllers,DC=example,DC=com
ERROR(ldb): uncaught exception - LDAP error 32 LDAP_NO_SUCH_OBJECT -
CN=Sites,CN=Configuration,DC=example,DC=com <0000208D: NameErr:
DSID-03100238, problem 2001 (NO_OBJECT), data 0, best match of:
'CN=Sites,CN=Configuration,DC=example,DC=com'> <>
File
"/usr/local/samba/lib64/python2.7/site-packages/samba/netcmd/__init__.py",
line 176, in _run
return self.run(*args, **kwargs)
File
"/usr/local/samba/lib64/python2.7/site-packages/samba/netcmd/domain.py",
line 652, in run
machinepass=machinepass, use_ntvfs=use_ntvfs, dns_backend=dns_backend)
File "/usr/local/samba/lib64/python2.7/site-packages/samba/join.py",
line
1253, in join_DC
ctx.do_join()
File "/usr/local/samba/lib64/python2.7/site-packages/samba/join.py",
line
1151, in do_join
ctx.join_add_objects()
File "/usr/local/samba/lib64/python2.7/site-packages/samba/join.py",
line
593, in join_add_objects
ctx.samdb.add(rec)
I see some lines mentioning kinit auth, but I tried to get a new ticket and
it worked
[root at dc-02 ~]# klist
Ticket cache: FILE:/tmp/krb5cc_0
Default principal: Administrator at EXAMPLE.COM
Valid starting Expires Service principal
04/12/2017 11:39:06 04/12/2017 21:39:06 krbtgt/EXAMPLE.COM at EXAMPLE.COM
renew until 04/13/2017 11:38:59
This machine does not get it's IP from DHCP, but yes, it is managed by
Network Manager, but IP and DNS config are static values.
On 11 April 2017 at 12:38, Rowland Penny via samba <samba at
lists.samba.org>
wrote:
> On Tue, 11 Apr 2017 12:15:43 -0500
> Erick Ocrospoma via samba <samba at lists.samba.org> wrote:
>
> > Hi,
> >
> > I tried with the latest stable 4.5.x, but with no success.
> >
> > Do you think you could share your smb.conf ? and also how you built
> > from source?
> > I suspect there's something missing in the KRB5 for Samba (due to
KDC
> > error messages).
> >
>
> Try it like this:
>
> samba-tool domain join EXAMPLE.COM DC -UAdministrator
> --realm=EXAMPLE.COM --dns-backend=SAMBA_INTERNAL
>
> If that doesn't work, can you post /etc/hosts, can you also explain why
> you are allowing Network-Manager to set /etc/resolv.conf, does the soon
> to be a DC get its IP from DHCP ??
>
> Does smb.conf already exist ? it shouldn't
>
> Rowland
>
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/options/samba
>
--
Erick.
-------------------------------------------
IRC : zerick
Blog : http://zerick.me
About : http://about.me/zerick
Linux User ID : 549567
Oh, also, I was asking about the smb.conf because googling I saw some smb.conf with some entries for Kerberos which supposely fixed/helped other people. Currently my /etc/samba/ is empty, so I think it is normal from a Samba built from source. On 12 April 2017 at 10:17, Erick Ocrospoma <zipper1790 at gmail.com> wrote:> Hi Rowland, thanks for your reply. > > I tried the command as suggested, and this is what I get: > > > [root at dc-02 ~]# samba-tool domain join EXAMPLE.COM DC -UAdministrator > --realm=EXAMPLE.COM --dns-backend=SAMBA_INTERNAL > Finding a writeable DC for domain 'EXAMPLE.COM' > Found DC dc-01.example.com > Password for [WORKGROUP\Administrator]: > workgroup is EXAMPLE > realm is example.com > Adding CN=LIM-INF1-DNS-02,OU=Domain Controllers,DC=example,DC=com > Adding CN=LIM-INF1-DNS-02,CN=Servers,CN=Default-First-Site-Name,CN> Sites,CN=Configuration,DC=example,DC=com > Join failed - cleaning up > Deleted CN=LIM-INF1-DNS-02,OU=Domain Controllers,DC=example,DC=com > ERROR(ldb): uncaught exception - LDAP error 32 LDAP_NO_SUCH_OBJECT - > CN=Sites,CN=Configuration,DC=example,DC=com <0000208D: NameErr: > DSID-03100238, problem 2001 (NO_OBJECT), data 0, best match of: > 'CN=Sites,CN=Configuration,DC=example,DC=com' > > <> > File "/usr/local/samba/lib64/python2.7/site-packages/samba/netcmd/__init__.py", > line 176, in _run > return self.run(*args, **kwargs) > File "/usr/local/samba/lib64/python2.7/site-packages/samba/netcmd/domain.py", > line 652, in run > machinepass=machinepass, use_ntvfs=use_ntvfs, dns_backend=dns_backend) > File "/usr/local/samba/lib64/python2.7/site-packages/samba/join.py", > line 1253, in join_DC > ctx.do_join() > File "/usr/local/samba/lib64/python2.7/site-packages/samba/join.py", > line 1151, in do_join > ctx.join_add_objects() > File "/usr/local/samba/lib64/python2.7/site-packages/samba/join.py", > line 593, in join_add_objects > ctx.samdb.add(rec) > > > > This is the content of /etc/hosts > > > [root at dc-02 ~]# cat /etc/hosts > 127.0.0.1 localhost localhost.localdomain localhost4 > localhost4.localdomain4 dc-02.example.com dc-02 > ::1 localhost localhost.localdomain localhost6 > localhost6.localdomain6 > 10.3.251.19 dc-01.example.com dc-01 > > > Also, I tried by enabling debug level 3 > > > [root at dc-02 ~]# samba-tool domain join EXAMPLE.COM DC -UAdministrator > --realm=EXAMPLE.COM --dns-backend=SAMBA_INTERNAL --debug 3 > GENSEC backend 'gssapi_spnego' registered > GENSEC backend 'gssapi_krb5' registered > GENSEC backend 'gssapi_krb5_sasl' registered > GENSEC backend 'spnego' registered > GENSEC backend 'schannel' registered > GENSEC backend 'naclrpc_as_system' registered > GENSEC backend 'sasl-EXTERNAL' registered > GENSEC backend 'ntlmssp' registered > GENSEC backend 'ntlmssp_resume_ccache' registered > GENSEC backend 'http_basic' registered > GENSEC backend 'http_ntlm' registered > GENSEC backend 'krb5' registered > GENSEC backend 'fake_gssapi_krb5' registered > Finding a writeable DC for domain 'EXAMPLE.COM' > resolve_lmhosts: Attempting lmhosts lookup for name _ldap._tcp.EXAMPLE.COM > <0x0> > Found DC dc-01.example.com > resolve_lmhosts: Attempting lmhosts lookup for name dc-01.example.com > <0x20> > Password for [WORKGROUP\Administrator]: > Aquiring initiator credentials failed: kinit for Administrator at EXAMPLE.COM > failed (Wrong realm) > > SPNEGO(gssapi_krb5) creating NEG_TOKEN_INIT failed: NT_STATUS_UNSUCCESSFUL > Got challenge flags: > Got NTLMSSP neg_flags=0x62898235 > NTLMSSP: Set final flags: > Got NTLMSSP neg_flags=0x62088235 > NTLMSSP Sign/Seal - Initialising with flags: > Got NTLMSSP neg_flags=0x62088235 > NTLMSSP Sign/Seal - Initialising with flags: > Got NTLMSSP neg_flags=0x62088235 > workgroup is EXAMPLE > realm is example.com > Adding CN=LIM-INF1-DNS-02,OU=Domain Controllers,DC=example,DC=com > Adding CN=LIM-INF1-DNS-02,CN=Servers,CN=Default-First-Site-Name,CN> Sites,CN=Configuration,DC=example,DC=com > Join failed - cleaning up > ldb_wrap open of secrets.ldb > Could not find machine account in secrets database: Failed to fetch > machine account password for EXAMPLE from both secrets.ldb (Could not find > entry to match filter: '(&(flatname=EXAMPLE)(objectclass=primaryDomain))' > base: 'cn=Primary Domains': No such object: dsdb_search at > ../source4/dsdb/common/util.c:4575) and from /var/lib/samba/private/secrets.tdb: > NT_STATUS_CANT_ACCESS_DOMAIN_INFO > Deleted CN=LIM-INF1-DNS-02,OU=Domain Controllers,DC=example,DC=com > ERROR(ldb): uncaught exception - LDAP error 32 LDAP_NO_SUCH_OBJECT - > CN=Sites,CN=Configuration,DC=example,DC=com <0000208D: NameErr: > DSID-03100238, problem 2001 (NO_OBJECT), data 0, best match of: > 'CN=Sites,CN=Configuration,DC=example,DC=com' > > <> > File "/usr/local/samba/lib64/python2.7/site-packages/samba/netcmd/__init__.py", > line 176, in _run > return self.run(*args, **kwargs) > File "/usr/local/samba/lib64/python2.7/site-packages/samba/netcmd/domain.py", > line 652, in run > machinepass=machinepass, use_ntvfs=use_ntvfs, dns_backend=dns_backend) > File "/usr/local/samba/lib64/python2.7/site-packages/samba/join.py", > line 1253, in join_DC > ctx.do_join() > File "/usr/local/samba/lib64/python2.7/site-packages/samba/join.py", > line 1151, in do_join > ctx.join_add_objects() > File "/usr/local/samba/lib64/python2.7/site-packages/samba/join.py", > line 593, in join_add_objects > ctx.samdb.add(rec) > > > I see some lines mentioning kinit auth, but I tried to get a new ticket > and it worked > > > [root at dc-02 ~]# klist > Ticket cache: FILE:/tmp/krb5cc_0 > Default principal: Administrator at EXAMPLE.COM > > Valid starting Expires Service principal > 04/12/2017 11:39:06 04/12/2017 21:39:06 krbtgt/EXAMPLE.COM at EXAMPLE.COM > renew until 04/13/2017 11:38:59 > > > > This machine does not get it's IP from DHCP, but yes, it is managed by > Network Manager, but IP and DNS config are static values. > > > On 11 April 2017 at 12:38, Rowland Penny via samba <samba at lists.samba.org> > wrote: > >> On Tue, 11 Apr 2017 12:15:43 -0500 >> Erick Ocrospoma via samba <samba at lists.samba.org> wrote: >> >> > Hi, >> > >> > I tried with the latest stable 4.5.x, but with no success. >> > >> > Do you think you could share your smb.conf ? and also how you built >> > from source? >> > I suspect there's something missing in the KRB5 for Samba (due to KDC >> > error messages). >> > >> >> Try it like this: >> >> samba-tool domain join EXAMPLE.COM DC -UAdministrator >> --realm=EXAMPLE.COM --dns-backend=SAMBA_INTERNAL >> >> If that doesn't work, can you post /etc/hosts, can you also explain why >> you are allowing Network-Manager to set /etc/resolv.conf, does the soon >> to be a DC get its IP from DHCP ?? >> >> Does smb.conf already exist ? it shouldn't >> >> Rowland >> >> >> -- >> To unsubscribe from this list go to the following URL and read the >> instructions: https://lists.samba.org/mailman/options/samba >> > > > > -- > > > Erick. > > > ------------------------------------------- > IRC : zerick > Blog : http://zerick.me > About : http://about.me/zerick > Linux User ID : 549567 >-- Erick. ------------------------------------------- IRC : zerick Blog : http://zerick.me About : http://about.me/zerick Linux User ID : 549567
Correct you need a smb.conf. https://wiki.samba.org/index.php/User_Documentation And please do correct your hosts file before you join.>> 127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4 dc-02.example.com dc-02 << NOT GOOD::1 localhost localhost.localdomain localhost6 localhost6.localdomain6 10.3.251.19 dc-01.example.com dc-01 << CORRECT Greetz, Louis> -----Oorspronkelijk bericht-----> Van: samba [mailto:samba-bounces at lists.samba.org] Namens Erick Ocrospoma> via samba> Verzonden: woensdag 12 april 2017 17:24> Aan: Rowland Penny> CC: Samba mailing list> Onderwerp: Re: [Samba] Joining Samba4 to existing AD>> Oh, also, I was asking about the smb.conf because googling I saw some> smb.conf with some entries for Kerberos which supposely fixed/helped other> people.>> Currently my /etc/samba/ is empty, so I think it is normal from a Samba> built from source.>>>> On 12 April 2017 at 10:17, Erick Ocrospoma <zipper1790 at gmail.com> wrote:>> > Hi Rowland, thanks for your reply.> >> > I tried the command as suggested, and this is what I get:> >> >> > [root at dc-02 ~]# samba-tool domain join EXAMPLE.COM DC -UAdministrator> > --realm=EXAMPLE.COM --dns-backend=SAMBA_INTERNAL> > Finding a writeable DC for domain 'EXAMPLE.COM'> > Found DC dc-01.example.com> > Password for [WORKGROUP\Administrator]:> > workgroup is EXAMPLE> > realm is example.com> > Adding CN=LIM-INF1-DNS-02,OU=Domain Controllers,DC=example,DC=com> > Adding CN=LIM-INF1-DNS-02,CN=Servers,CN=Default-First-Site-Name,CN > > Sites,CN=Configuration,DC=example,DC=com> > Join failed - cleaning up> > Deleted CN=LIM-INF1-DNS-02,OU=Domain Controllers,DC=example,DC=com> > ERROR(ldb): uncaught exception - LDAP error 32 LDAP_NO_SUCH_OBJECT -> > CN=Sites,CN=Configuration,DC=example,DC=com <0000208D: NameErr:> > DSID-03100238, problem 2001 (NO_OBJECT), data 0, best match of:> > 'CN=Sites,CN=Configuration,DC=example,DC=com'> > > <>> > File "/usr/local/samba/lib64/python2.7/site-> packages/samba/netcmd/__init__.py",> > line 176, in _run> > return self.run(*args, **kwargs)> > File "/usr/local/samba/lib64/python2.7/site-> packages/samba/netcmd/domain.py",> > line 652, in run> > machinepass=machinepass, use_ntvfs=use_ntvfs,> dns_backend=dns_backend)> > File "/usr/local/samba/lib64/python2.7/site-packages/samba/join.py",> > line 1253, in join_DC> > ctx.do_join()> > File "/usr/local/samba/lib64/python2.7/site-packages/samba/join.py",> > line 1151, in do_join> > ctx.join_add_objects()> > File "/usr/local/samba/lib64/python2.7/site-packages/samba/join.py",> > line 593, in join_add_objects> > ctx.samdb.add(rec)> >> >> >> > This is the content of /etc/hosts> >> >> > [root at dc-02 ~]# cat /etc/hosts> > 127.0.0.1 localhost localhost.localdomain localhost4> > localhost4.localdomain4 dc-02.example.com dc-02> > ::1 localhost localhost.localdomain localhost6> > localhost6.localdomain6> > 10.3.251.19 dc-01.example.com dc-01> >> >> > Also, I tried by enabling debug level 3> >> >> > [root at dc-02 ~]# samba-tool domain join EXAMPLE.COM DC -UAdministrator> > --realm=EXAMPLE.COM --dns-backend=SAMBA_INTERNAL --debug 3> > GENSEC backend 'gssapi_spnego' registered> > GENSEC backend 'gssapi_krb5' registered> > GENSEC backend 'gssapi_krb5_sasl' registered> > GENSEC backend 'spnego' registered> > GENSEC backend 'schannel' registered> > GENSEC backend 'naclrpc_as_system' registered> > GENSEC backend 'sasl-EXTERNAL' registered> > GENSEC backend 'ntlmssp' registered> > GENSEC backend 'ntlmssp_resume_ccache' registered> > GENSEC backend 'http_basic' registered> > GENSEC backend 'http_ntlm' registered> > GENSEC backend 'krb5' registered> > GENSEC backend 'fake_gssapi_krb5' registered> > Finding a writeable DC for domain 'EXAMPLE.COM'> > resolve_lmhosts: Attempting lmhosts lookup for name> _ldap._tcp.EXAMPLE.COM> > <0x0>> > Found DC dc-01.example.com> > resolve_lmhosts: Attempting lmhosts lookup for name dc-01.example.com> > <0x20>> > Password for [WORKGROUP\Administrator]:> > Aquiring initiator credentials failed: kinit for> Administrator at EXAMPLE.COM> > failed (Wrong realm)> >> > SPNEGO(gssapi_krb5) creating NEG_TOKEN_INIT failed:> NT_STATUS_UNSUCCESSFUL> > Got challenge flags:> > Got NTLMSSP neg_flags=0x62898235> > NTLMSSP: Set final flags:> > Got NTLMSSP neg_flags=0x62088235> > NTLMSSP Sign/Seal - Initialising with flags:> > Got NTLMSSP neg_flags=0x62088235> > NTLMSSP Sign/Seal - Initialising with flags:> > Got NTLMSSP neg_flags=0x62088235> > workgroup is EXAMPLE> > realm is example.com> > Adding CN=LIM-INF1-DNS-02,OU=Domain Controllers,DC=example,DC=com> > Adding CN=LIM-INF1-DNS-02,CN=Servers,CN=Default-First-Site-Name,CN > > Sites,CN=Configuration,DC=example,DC=com> > Join failed - cleaning up> > ldb_wrap open of secrets.ldb> > Could not find machine account in secrets database: Failed to fetch> > machine account password for EXAMPLE from both secrets.ldb (Could not> find> > entry to match filter:> '(&(flatname=EXAMPLE)(objectclass=primaryDomain))'> > base: 'cn=Primary Domains': No such object: dsdb_search at> > ../source4/dsdb/common/util.c:4575) and from> /var/lib/samba/private/secrets.tdb:> > NT_STATUS_CANT_ACCESS_DOMAIN_INFO> > Deleted CN=LIM-INF1-DNS-02,OU=Domain Controllers,DC=example,DC=com> > ERROR(ldb): uncaught exception - LDAP error 32 LDAP_NO_SUCH_OBJECT -> > CN=Sites,CN=Configuration,DC=example,DC=com <0000208D: NameErr:> > DSID-03100238, problem 2001 (NO_OBJECT), data 0, best match of:> > 'CN=Sites,CN=Configuration,DC=example,DC=com'> > > <>> > File "/usr/local/samba/lib64/python2.7/site-> packages/samba/netcmd/__init__.py",> > line 176, in _run> > return self.run(*args, **kwargs)> > File "/usr/local/samba/lib64/python2.7/site-> packages/samba/netcmd/domain.py",> > line 652, in run> > machinepass=machinepass, use_ntvfs=use_ntvfs,> dns_backend=dns_backend)> > File "/usr/local/samba/lib64/python2.7/site-packages/samba/join.py",> > line 1253, in join_DC> > ctx.do_join()> > File "/usr/local/samba/lib64/python2.7/site-packages/samba/join.py",> > line 1151, in do_join> > ctx.join_add_objects()> > File "/usr/local/samba/lib64/python2.7/site-packages/samba/join.py",> > line 593, in join_add_objects> > ctx.samdb.add(rec)> >> >> > I see some lines mentioning kinit auth, but I tried to get a new ticket> > and it worked> >> >> > [root at dc-02 ~]# klist> > Ticket cache: FILE:/tmp/krb5cc_0> > Default principal: Administrator at EXAMPLE.COM> >> > Valid starting Expires Service principal> > 04/12/2017 11:39:06 04/12/2017 21:39:06 krbtgt/EXAMPLE.COM at EXAMPLE.COM> > renew until 04/13/2017 11:38:59> >> >> >> > This machine does not get it's IP from DHCP, but yes, it is managed by> > Network Manager, but IP and DNS config are static values.> >> >> > On 11 April 2017 at 12:38, Rowland Penny via samba> <samba at lists.samba.org>> > wrote:> >> >> On Tue, 11 Apr 2017 12:15:43 -0500> >> Erick Ocrospoma via samba <samba at lists.samba.org> wrote:> >>> >> > Hi,> >> >> >> > I tried with the latest stable 4.5.x, but with no success.> >> >> >> > Do you think you could share your smb.conf ? and also how you built> >> > from source?> >> > I suspect there's something missing in the KRB5 for Samba (due to KDC> >> > error messages).> >> >> >>> >> Try it like this:> >>> >> samba-tool domain join EXAMPLE.COM DC -UAdministrator> >> --realm=EXAMPLE.COM --dns-backend=SAMBA_INTERNAL> >>> >> If that doesn't work, can you post /etc/hosts, can you also explain why> >> you are allowing Network-Manager to set /etc/resolv.conf, does the soon> >> to be a DC get its IP from DHCP ??> >>> >> Does smb.conf already exist ? it shouldn't> >>> >> Rowland> >>> >>> >> --> >> To unsubscribe from this list go to the following URL and read the> >> instructions: https://lists.samba.org/mailman/options/samba> >>> >> >> >> > --> >> >> > Erick.> >> >> > -------------------------------------------> > IRC : zerick> > Blog : http://zerick.me> > About : http://about.me/zerick> > Linux User ID : 549567> >>>>> -->>> Erick.>>> -------------------------------------------> IRC : zerick> Blog : http://zerick.me> About : http://about.me/zerick> Linux User ID : 549567> --> To unsubscribe from this list go to the following URL and read the> instructions: https://lists.samba.org/mailman/options/samba
On Wed, 12 Apr 2017 10:17:38 -0500 Erick Ocrospoma <zipper1790 at gmail.com> wrote:> Hi Rowland, thanks for your reply. > > > This is the content of /etc/hosts > > > [root at dc-02 ~]# cat /etc/hosts > 127.0.0.1 localhost localhost.localdomain localhost4 > localhost4.localdomain4 dc-02.example.com dc-02 > ::1 localhost localhost.localdomain localhost6 > localhost6.localdomain6 > 10.3.251.19 dc-01.example.com dc-01 > >Try changing it to this: 127.0.0.1 localhost.localdomain localhost ::1 localhost6.localdomain localhost6 10.3.251.19 dc-02.example.com dc-02 Provided that the IP of the new DC is '10.3.251.19' and the short hostname is 'dc-02' and the the dns domain is 'example.com'
On Wed, 12 Apr 2017 10:23:37 -0500 Erick Ocrospoma <zipper1790 at gmail.com> wrote:> Oh, also, I was asking about the smb.conf because googling I saw some > smb.conf with some entries for Kerberos which supposely fixed/helped > other people. > > Currently my /etc/samba/ is empty, so I think it is normal from a > Samba built from source. > >Good, the 'join' will create the smb.conf and will cause an error if there is one. Rowland
On Wed, 12 Apr 2017 17:28:39 +0200 "L.P.H. van Belle via samba" <samba at lists.samba.org> wrote:> Correct you need a smb.conf.No he doesn't, he is trying to join another DC.> And please do correct your hosts file before you join. > > > > >> 127.0.0.1 localhost localhost.localdomain localhost4 > >>localhost4.localdomain4 dc-02.example.com dc-02 << NOT GOOD > > ::1 localhost localhost.localdomain localhost6 > localhost6.localdomain6 > > 10.3.251.19 dc-01.example.com dc-01 << CORRECTWell it is correct if the last line is the information for the DC he is trying to join. Rowland