Hi guys
When i try to add a member to my domain (samba 4.17.3) receive
ERROR_DNS_UPDATE_FAILED
Then i added manually record A to dns, i can see my dm connected to dc with
smbstatus
but i can't access to my member anymore, what can i do ??
Sorry but it's very urgent
thanks
[root at dm midom]# samba-tool domain join LXmidom.COM MEMBER -U administrator
--server=dc4 -v
Password for [LXmidom\administrator]:
libnet_Join:
libnet_JoinCtx: struct libnet_JoinCtx
in: struct libnet_JoinCtx
dc_name : 'dc4'
machine_name : 'DM'
domain_name : *
domain_name : 'LXmidom.COM'
domain_name_type : JoinDomNameTypeDNS (1)
account_ou : NULL
admin_account : 'administrator'
admin_domain : NULL
machine_password : NULL
join_flags : 0x00000023 (35)
0: WKSSVC_JOIN_FLAGS_IGNORE_UNSUPPORTED_FLAGS
0: WKSSVC_JOIN_FLAGS_JOIN_WITH_NEW_NAME
0: WKSSVC_JOIN_FLAGS_JOIN_DC_ACCOUNT
0: WKSSVC_JOIN_FLAGS_DEFER_SPN
0: WKSSVC_JOIN_FLAGS_MACHINE_PWD_PASSED
0: WKSSVC_JOIN_FLAGS_JOIN_UNSECURE
1: WKSSVC_JOIN_FLAGS_DOMAIN_JOIN_IF_JOINED
0: WKSSVC_JOIN_FLAGS_WIN9X_UPGRADE
0: WKSSVC_JOIN_FLAGS_ACCOUNT_DELETE
1: WKSSVC_JOIN_FLAGS_ACCOUNT_CREATE
1: WKSSVC_JOIN_FLAGS_JOIN_TYPE
os_version : NULL
os_name : NULL
os_servicepack : NULL
create_upn : 0x00 (0)
upn : NULL
dnshostname : 'DM'
modify_config : 0x00 (0)
ads : NULL
debug : 0x01 (1)
use_kerberos : 0x01 (1)
secure_channel_type : SEC_CHAN_WKSTA (2)
desired_encryption_types : 0x0000001f (31)
provision_computer_account_only: 0x00 (0)
odj_provision_data : NULL
request_offline_join : 0x00 (0)
libnet_join_precreate_machine_acct: Machine account successfully created
libnet_Join:
libnet_JoinCtx: struct libnet_JoinCtx
out: struct libnet_JoinCtx
odj_provision_data : NULL
account_name : 'DM$'
netbios_domain_name : 'LXmidom'
dns_domain_name : 'lxmidom.com'
forest_name : 'lxmidom.com'
dn :
'CN=DM,CN=Computers,DC=lxmidom,DC=com'
domain_guid : c4677d0c-aedd-4d8e-8a56-69827f79abb8
domain_sid : *
domain_sid :
S-1-5-21-822543001-694776171-4236178688
modified_config : 0x00 (0)
error_string : NULL
domain_is_ad : 0x01 (1)
set_encryption_types : 0x00000000 (0)
krb5_salt : 'host/dm.lxmidom.com at
LXmidom.COM'
dcinfo : *
dcinfo: struct netr_DsRGetDCNameInfo
dc_unc : *
dc_unc : '\\dc4.lxmidom.com'
dc_address : *
dc_address : '\\192.168.4.31'
dc_address_type : DS_ADDRESS_TYPE_INET (1)
domain_guid :
c4677d0c-aedd-4d8e-8a56-69827f79abb8
domain_name : *
domain_name : 'lxmidom.com'
forest_name : *
forest_name : 'lxmidom.com'
dc_flags : 0xe00003fd (3758097405)
1: DS_SERVER_PDC
1: DS_SERVER_GC
1: DS_SERVER_LDAP
1: DS_SERVER_DS
1: DS_SERVER_KDC
1: DS_SERVER_TIMESERV
1: DS_SERVER_CLOSEST
1: DS_SERVER_WRITABLE
1: DS_SERVER_GOOD_TIMESERV
0: DS_SERVER_NDNC
0: DS_SERVER_SELECT_SECRET_DOMAIN_6
0: DS_SERVER_FULL_SECRET_DOMAIN_6
0: DS_SERVER_WEBSERV
0: DS_SERVER_DS_8
0: DS_SERVER_DS_9
0: DS_SERVER_DS_10
1: DS_DNS_CONTROLLER
1: DS_DNS_DOMAIN
1: DS_DNS_FOREST_ROOT
dc_site_name : *
dc_site_name :
'Default-First-Site-Name'
client_site_name : *
client_site_name :
'Default-First-Site-Name'
account_rid : 0x00020701 (132865)
result : WERR_OK
DNS Update for dm.lxmidom.com failed: ERROR_DNS_UPDATE_FAILED
DNS update failed: NT_STATUS_UNSUCCESSFUL
Joined domain lxmidom.com (S-1-5-21-822543001-694776171-4236178688)
Corrado Ravinetto
Sistemi informativi
corrado.ravinetto at lanificiocerruti.com <mailto:corrado.ravinetto at
lanificiocerruti.com>
T: +39 015 3591283
[Lanificio F.lli CERRUTI]
Lanificio F.lli Cerruti S.p.A.
Via Cernaia 40, 13900 - Biella (BI) Italy
www.lanificiocerruti.com <http://www.lanificiocerruti.com/>
[Twitter] <https://twitter.com/Lan_Cerruti> [Facebook]
<https://www.facebook.com/LanificioCerruti> [Instagram]
<https://www.instagram.com/lanificiocerruti/>
Rispetta l'ambiente, non stampare questa mail se non necessario
Respect the environment, don't print unless necessary
[Unesco]
On 12/13/22 8:02 AM, Corrado Ravinetto via samba wrote:> Hi guys > When i try to add a member to my domain (samba 4.17.3) receive ERROR_DNS_UPDATE_FAILED > Then i added manually record A to dns, i can see my dm connected to dc with smbstatus > but i can't access to my member anymore, what can i do ?? > Sorry but it's very urgent > thanks > > [root at dm midom]# samba-tool domain join LXmidom.COM MEMBER -U administrator --server=dc4 -v > Password for [LXmidom\administrator]: > libnet_Join: > libnet_JoinCtx: struct libnet_JoinCtx > in: struct libnet_JoinCtx > dc_name : 'dc4' > machine_name : 'DM' > domain_name : * > domain_name : 'LXmidom.COM' > domain_name_type : JoinDomNameTypeDNS (1) > account_ou : NULL > admin_account : 'administrator' > admin_domain : NULL > machine_password : NULL > join_flags : 0x00000023 (35) > 0: WKSSVC_JOIN_FLAGS_IGNORE_UNSUPPORTED_FLAGS > 0: WKSSVC_JOIN_FLAGS_JOIN_WITH_NEW_NAME > 0: WKSSVC_JOIN_FLAGS_JOIN_DC_ACCOUNT > 0: WKSSVC_JOIN_FLAGS_DEFER_SPN > 0: WKSSVC_JOIN_FLAGS_MACHINE_PWD_PASSED > 0: WKSSVC_JOIN_FLAGS_JOIN_UNSECURE > 1: WKSSVC_JOIN_FLAGS_DOMAIN_JOIN_IF_JOINED > 0: WKSSVC_JOIN_FLAGS_WIN9X_UPGRADE > 0: WKSSVC_JOIN_FLAGS_ACCOUNT_DELETE > 1: WKSSVC_JOIN_FLAGS_ACCOUNT_CREATE > 1: WKSSVC_JOIN_FLAGS_JOIN_TYPE > os_version : NULL > os_name : NULL > os_servicepack : NULL > create_upn : 0x00 (0) > upn : NULL > dnshostname : 'DM' > modify_config : 0x00 (0) > ads : NULL > debug : 0x01 (1) > use_kerberos : 0x01 (1) > secure_channel_type : SEC_CHAN_WKSTA (2) > desired_encryption_types : 0x0000001f (31) > provision_computer_account_only: 0x00 (0) > odj_provision_data : NULL > request_offline_join : 0x00 (0) > libnet_join_precreate_machine_acct: Machine account successfully created > libnet_Join: > libnet_JoinCtx: struct libnet_JoinCtx > out: struct libnet_JoinCtx > odj_provision_data : NULL > account_name : 'DM$' > netbios_domain_name : 'LXmidom' > dns_domain_name : 'lxmidom.com' > forest_name : 'lxmidom.com' > dn : 'CN=DM,CN=Computers,DC=lxmidom,DC=com' > domain_guid : c4677d0c-aedd-4d8e-8a56-69827f79abb8 > domain_sid : * > domain_sid : S-1-5-21-822543001-694776171-4236178688 > modified_config : 0x00 (0) > error_string : NULL > domain_is_ad : 0x01 (1) > set_encryption_types : 0x00000000 (0) > krb5_salt : 'host/dm.lxmidom.com at LXmidom.COM' > dcinfo : * > dcinfo: struct netr_DsRGetDCNameInfo > dc_unc : * > dc_unc : '\\dc4.lxmidom.com' > dc_address : * > dc_address : '\\192.168.4.31' > dc_address_type : DS_ADDRESS_TYPE_INET (1) > domain_guid : c4677d0c-aedd-4d8e-8a56-69827f79abb8 > domain_name : * > domain_name : 'lxmidom.com' > forest_name : * > forest_name : 'lxmidom.com' > dc_flags : 0xe00003fd (3758097405) > 1: DS_SERVER_PDC > 1: DS_SERVER_GC > 1: DS_SERVER_LDAP > 1: DS_SERVER_DS > 1: DS_SERVER_KDC > 1: DS_SERVER_TIMESERV > 1: DS_SERVER_CLOSEST > 1: DS_SERVER_WRITABLE > 1: DS_SERVER_GOOD_TIMESERV > 0: DS_SERVER_NDNC > 0: DS_SERVER_SELECT_SECRET_DOMAIN_6 > 0: DS_SERVER_FULL_SECRET_DOMAIN_6 > 0: DS_SERVER_WEBSERV > 0: DS_SERVER_DS_8 > 0: DS_SERVER_DS_9 > 0: DS_SERVER_DS_10 > 1: DS_DNS_CONTROLLER > 1: DS_DNS_DOMAIN > 1: DS_DNS_FOREST_ROOT > dc_site_name : * > dc_site_name : 'Default-First-Site-Name' > client_site_name : * > client_site_name : 'Default-First-Site-Name' > account_rid : 0x00020701 (132865) > result : WERR_OK > DNS Update for dm.lxmidom.com failed: ERROR_DNS_UPDATE_FAILED > DNS update failed: NT_STATUS_UNSUCCESSFUL > Joined domain lxmidom.com (S-1-5-21-822543001-694776171-4236178688) > > > Corrado Ravinetto > Sistemi informativi > corrado.ravinetto at lanificiocerruti.com <mailto:corrado.ravinetto at lanificiocerruti.com> > T: +39 015 3591283 > [Lanificio F.lli CERRUTI] > Lanificio F.lli Cerruti S.p.A. > Via Cernaia 40, 13900 - Biella (BI) Italy > www.lanificiocerruti.com <http://www.lanificiocerruti.com/> > > [Twitter] <https://twitter.com/Lan_Cerruti> [Facebook] <https://www.facebook.com/LanificioCerruti> [Instagram] <https://www.instagram.com/lanificiocerruti/> > > Rispetta l'ambiente, non stampare questa mail se non necessario > Respect the environment, don't print unless necessary > > [Unesco]`samba-tool domain join <domain> MEMBER` is completely broken prior to Samba 4.15. What version of Samba are you using? -- David Mulder Labs Software Engineer, Samba SUSE 1221 S Valley Grove Way, Suite 500 Pleasant Grove, UT 84062 (P)+1 385.208.2989 dmulder at suse.com http://www.suse.com
On 12/13/22 8:02 AM, Corrado Ravinetto via samba wrote:> Hi guys > When i try to add a member to my domain (samba 4.17.3) receive ERROR_DNS_UPDATE_FAILED > Then i added manually record A to dns, i can see my dm connected to dc with smbstatus > but i can't access to my member anymore, what can i do ?? > Sorry but it's very urgent > thanks > > [root at dm midom]# samba-tool domain join LXmidom.COM MEMBER -U administrator --server=dc4 -v > Password for [LXmidom\administrator]: > libnet_Join: > libnet_JoinCtx: struct libnet_JoinCtx > in: struct libnet_JoinCtx > dc_name : 'dc4' > machine_name : 'DM' > domain_name : * > domain_name : 'LXmidom.COM' > domain_name_type : JoinDomNameTypeDNS (1) > account_ou : NULL > admin_account : 'administrator' > admin_domain : NULL > machine_password : NULL > join_flags : 0x00000023 (35) > 0: WKSSVC_JOIN_FLAGS_IGNORE_UNSUPPORTED_FLAGS > 0: WKSSVC_JOIN_FLAGS_JOIN_WITH_NEW_NAME > 0: WKSSVC_JOIN_FLAGS_JOIN_DC_ACCOUNT > 0: WKSSVC_JOIN_FLAGS_DEFER_SPN > 0: WKSSVC_JOIN_FLAGS_MACHINE_PWD_PASSED > 0: WKSSVC_JOIN_FLAGS_JOIN_UNSECURE > 1: WKSSVC_JOIN_FLAGS_DOMAIN_JOIN_IF_JOINED > 0: WKSSVC_JOIN_FLAGS_WIN9X_UPGRADE > 0: WKSSVC_JOIN_FLAGS_ACCOUNT_DELETE > 1: WKSSVC_JOIN_FLAGS_ACCOUNT_CREATE > 1: WKSSVC_JOIN_FLAGS_JOIN_TYPE > os_version : NULL > os_name : NULL > os_servicepack : NULL > create_upn : 0x00 (0) > upn : NULL > dnshostname : 'DM' > modify_config : 0x00 (0) > ads : NULL > debug : 0x01 (1) > use_kerberos : 0x01 (1) > secure_channel_type : SEC_CHAN_WKSTA (2) > desired_encryption_types : 0x0000001f (31) > provision_computer_account_only: 0x00 (0) > odj_provision_data : NULL > request_offline_join : 0x00 (0) > libnet_join_precreate_machine_acct: Machine account successfully created > libnet_Join: > libnet_JoinCtx: struct libnet_JoinCtx > out: struct libnet_JoinCtx > odj_provision_data : NULL > account_name : 'DM$' > netbios_domain_name : 'LXmidom' > dns_domain_name : 'lxmidom.com' > forest_name : 'lxmidom.com' > dn : 'CN=DM,CN=Computers,DC=lxmidom,DC=com' > domain_guid : c4677d0c-aedd-4d8e-8a56-69827f79abb8 > domain_sid : * > domain_sid : S-1-5-21-822543001-694776171-4236178688 > modified_config : 0x00 (0) > error_string : NULL > domain_is_ad : 0x01 (1) > set_encryption_types : 0x00000000 (0) > krb5_salt : 'host/dm.lxmidom.com at LXmidom.COM' > dcinfo : * > dcinfo: struct netr_DsRGetDCNameInfo > dc_unc : * > dc_unc : '\\dc4.lxmidom.com' > dc_address : * > dc_address : '\\192.168.4.31' > dc_address_type : DS_ADDRESS_TYPE_INET (1) > domain_guid : c4677d0c-aedd-4d8e-8a56-69827f79abb8 > domain_name : * > domain_name : 'lxmidom.com' > forest_name : * > forest_name : 'lxmidom.com' > dc_flags : 0xe00003fd (3758097405) > 1: DS_SERVER_PDC > 1: DS_SERVER_GC > 1: DS_SERVER_LDAP > 1: DS_SERVER_DS > 1: DS_SERVER_KDC > 1: DS_SERVER_TIMESERV > 1: DS_SERVER_CLOSEST > 1: DS_SERVER_WRITABLE > 1: DS_SERVER_GOOD_TIMESERV > 0: DS_SERVER_NDNC > 0: DS_SERVER_SELECT_SECRET_DOMAIN_6 > 0: DS_SERVER_FULL_SECRET_DOMAIN_6 > 0: DS_SERVER_WEBSERV > 0: DS_SERVER_DS_8 > 0: DS_SERVER_DS_9 > 0: DS_SERVER_DS_10 > 1: DS_DNS_CONTROLLER > 1: DS_DNS_DOMAIN > 1: DS_DNS_FOREST_ROOT > dc_site_name : * > dc_site_name : 'Default-First-Site-Name' > client_site_name : * > client_site_name : 'Default-First-Site-Name' > account_rid : 0x00020701 (132865) > result : WERR_OK > DNS Update for dm.lxmidom.com failed: ERROR_DNS_UPDATE_FAILED > DNS update failed: NT_STATUS_UNSUCCESSFUL > Joined domain lxmidom.com (S-1-5-21-822543001-694776171-4236178688)Your join looks successful to me. The dns update error isn't a major issue (which you've already resolved, you say). What do you mean by "can't access to my member anymore"? Can you be more specific about what is happening? -- David Mulder Labs Software Engineer, Samba SUSE 1221 S Valley Grove Way, Suite 500 Pleasant Grove, UT 84062 (P)+1 385.208.2989 dmulder at suse.com http://www.suse.com