Hi there,
I'm a newy at samba 4 and I'm trying to joing a samba 4 alpha 17 box to
our domain as a DC so I can "drain" the domain info and use the linux
box to test samba without disturbing the domain itself.
The thing is that I get an error when trying to join the server :
[root at vpdc samba]# bin/samba-tool domain join montecarlotv.com.uy DC
-Uadministrador --realm=montecarlotv.com.uy
Finding a writeable DC for domain 'montecarlotv.com.uy'
Found DC srv-mm.montecarlotv.com.uy
Password for [WORKGROUP\administrador]:
workgroup is CANAL4
realm is montecarlotv.com.uy
checking samaccountname
Adding CN=VPDC,OU=Domain Controllers,DC=montecarlotv,DC=com,DC=uy
Adding
CN=VPDC,CN=Servers,CN=Nombre-predeterminado-primer-sitio,CN=Sites,CN=Configuration,DC=montecarlotv,DC=com,DC=uy
Adding CN=NTDS
Settings,CN=VPDC,CN=Servers,CN=Nombre-predeterminado-primer-sitio,CN=Sites,CN=Configuration,DC=montecarlotv,DC=com,DC=uy
DsAddEntry failed with status (5, 'WERR_ACCESS_DENIED') info (8567,
'WERR_DS_INCOMPATIBLE_VERSION')
Join failed - cleaning up
checking samaccountname
Deleted CN=VPDC,OU=Domain Controllers,DC=montecarlotv,DC=com,DC=uy
Deleted
CN=VPDC,CN=Servers,CN=Nombre-predeterminado-primer-sitio,CN=Sites,CN=Configuration,DC=montecarlotv,DC=com,DC=uy
ERROR(runtime): uncaught exception - DsAddEntry failed
? File
"/usr/local/samba/lib64/python2.6/site-packages/samba/netcmd/__init__.py",
line 167, in _run
??? return self.run(*args, **kwargs)
? File
"/usr/local/samba/lib64/python2.6/site-packages/samba/netcmd/domain.py",
line 162, in run
??? machinepass=machinepass)
? File "/usr/local/samba/lib64/python2.6/site-packages/samba/join.py",
line 949, in join_DC
??? ctx.do_join()
? File "/usr/local/samba/lib64/python2.6/site-packages/samba/join.py",
line 854, in do_join
??? ctx.join_add_objects()
? File "/usr/local/samba/lib64/python2.6/site-packages/samba/join.py",
line 467, in join_add_objects
??? ctx.join_add_ntdsdsa()
? File "/usr/local/samba/lib64/python2.6/site-packages/samba/join.py",
line 416, in join_add_ntdsdsa
??? ctx.DsAddEntry([rec])
? File "/usr/local/samba/lib64/python2.6/site-packages/samba/join.py",
line 379, in DsAddEntry
??? raise RuntimeError("DsAddEntry failed")
The only thing that calls my atention is that instead of asking for
CANAL4\administrador password is asking WORKGROUP\administrador.
Any Ideas?
Thanks,
2012-01-10 11:34 keltez?ssel, Juan Pablo Lorier ?rta:> Hi there, > > I'm a newy at samba 4 and I'm trying to joing a samba 4 alpha 17 box to our domain as a DC so I can "drain" the domain info and use the linux box to test samba without disturbing the domain itself. > The thing is that I get an error when trying to join the server : > > [root at vpdc samba]# bin/samba-tool domain join montecarlotv.com.uy DC -Uadministrador --realm=montecarlotv.com.uy > Finding a writeable DC for domain 'montecarlotv.com.uy' > Found DC srv-mm.montecarlotv.com.uy > Password for [WORKGROUP\administrador]: > workgroup is CANAL4 > realm is montecarlotv.com.uy > checking samaccountname > Adding CN=VPDC,OU=Domain Controllers,DC=montecarlotv,DC=com,DC=uy > Adding CN=VPDC,CN=Servers,CN=Nombre-predeterminado-primer-sitio,CN=Sites,CN=Configuration,DC=montecarlotv,DC=com,DC=uy > Adding CN=NTDS Settings,CN=VPDC,CN=Servers,CN=Nombre-predeterminado-primer-sitio,CN=Sites,CN=Configuration,DC=montecarlotv,DC=com,DC=uy > DsAddEntry failed with status (5, 'WERR_ACCESS_DENIED') info (8567, 'WERR_DS_INCOMPATIBLE_VERSION') > Join failed - cleaning up > checking samaccountname > Deleted CN=VPDC,OU=Domain Controllers,DC=montecarlotv,DC=com,DC=uy > Deleted CN=VPDC,CN=Servers,CN=Nombre-predeterminado-primer-sitio,CN=Sites,CN=Configuration,DC=montecarlotv,DC=com,DC=uy > ERROR(runtime): uncaught exception - DsAddEntry failed > File "/usr/local/samba/lib64/python2.6/site-packages/samba/netcmd/__init__.py", line 167, in _run > return self.run(*args, **kwargs) > File "/usr/local/samba/lib64/python2.6/site-packages/samba/netcmd/domain.py", line 162, in run > machinepass=machinepass) > File "/usr/local/samba/lib64/python2.6/site-packages/samba/join.py", line 949, in join_DC > ctx.do_join() > File "/usr/local/samba/lib64/python2.6/site-packages/samba/join.py", line 854, in do_join > ctx.join_add_objects() > File "/usr/local/samba/lib64/python2.6/site-packages/samba/join.py", line 467, in join_add_objects > ctx.join_add_ntdsdsa() > File "/usr/local/samba/lib64/python2.6/site-packages/samba/join.py", line 416, in join_add_ntdsdsa > ctx.DsAddEntry([rec]) > File "/usr/local/samba/lib64/python2.6/site-packages/samba/join.py", line 379, in DsAddEntry > raise RuntimeError("DsAddEntry failed") > > > The only thing that calls my atention is that instead of asking for CANAL4\administrador password is asking WORKGROUP\administrador. > Any Ideas? > Thanks,In my experience the prerequisite of a successful join is to have a well configured smb.conf. You should put (at least) your domains netbios name under workgroup and your domains name under realm before you would attempt to join. Regards Geza
Hi Geza Thanks for your help. I've followed the how to from samba wiki and there's no example of the smb.conf in it. Can you help me configure it? I only know about samba 3 and have no idea about samba 4 options. The how to is at https://wiki.samba.org/index.php/Samba4_joining_a_domain Regards, JPL
Hi Felix, Thanks for your post. I have no smb.conf as the compiler don't create one after install, I was just commenting a previous answer to my question. I was looking further at the joining process and I see that the script is trying to create entries in the AD at a strange CN. Maybe it's right, but I don't know how to browse into the AD to check if it's correct that the script tries to create an entrie there. Here is the weird output line: Adding CN=VPDC,CN=Servers,CN=Nombre-predeterminado-primer-sitio,CN=Sites,CN=Configuration,DC=montecarlotv,DC=com,DC=uy translated this should be something like: Adding CN=VPDC,CN=Servers,CN=name-default-first-site,CN=Sites,CN=Configuration,DC=montecarlotv,DC=com,DC=uy Maybe the problem is with the script not dealing with the AD in spanish... Regards,
Hi,
While I wait someone to give me a hand, I've been serching and searching and
trying to find a workarround for my problem.
I've tryied to vampire from the windows 2003 server and it could get some
part of the tree, but bearly 98 records from 533 that I can see with ldapsearch.
Also, the servers are not replicating to the samba server and when I do
samba-tool drs kcc -Uadministrator windowsdc.samba.example.com (with the proper
data)
I get
# bin/samba-tool drs kcc -Uadministrador montecarlotv.com.uy
Password for [CANAL4\administrador]:
Failed to bind to uuid e3514235-4b06-11d1-ab04-00c04fc2dcd2 for
e3514235-4b06-11d1-ab04-00c04fc2dcd2 at
ncacn_ip_tcp:montecarlotv.com.uy[1024,seal] NT_STATUS_NET_WRITE_FAULT
ERROR(<class 'samba.drs_utils.drsException'>): DRS connection to
montecarlotv.com.uy failed - drsException: DRS connection to montecarlotv.com.uy
failed: (-1073741614, 'NT_STATUS_NET_WRITE_FAULT')
File
"/usr/local/samba/lib64/python2.6/site-packages/samba/netcmd/drs.py",
line 42, in drsuapi_connect
(ctx.drsuapi, ctx.drsuapi_handle, ctx.bind_supported_extensions) =
drs_utils.drsuapi_connect(ctx.server, ctx.lp, ctx.creds)
File
"/usr/local/samba/lib64/python2.6/site-packages/samba/drs_utils.py",
line 56, in drsuapi_connect
raise drsException("DRS connection to %s failed: %s" % (server, e))
So, I'm still stucked needing a helping hand
Thanks,
JPL