Hi people: I can't join a second samba 4.1.16 domain controller to an existing domain. This domain just contain a DC based on Zentyal 3.4. When I try this from the samba server: samba-tool domain join dtcf.etecsa.cu DC -U administrator --realm=dtcf.etecsa.cu --dns-backend=BIND9_DLZ But it returns: No objectClass found in replPropertyMetaData for CN=PC00017104336\0ACNF:5798425a-db30-4f39-98ed-6e8aa15c34b5,CN=PC009375,CN=Computers,DC=dtcf,DC=etecsa,DC=cu! Failed to apply records: replmd_replicated_apply_add: error during DRS repl ADD: No objectClass found in replPropertyMetaData for CN=PC00017104336\0ACNF:5798425a-db30-4f39-98ed-6e8aa15c34b5,CN=PC009375,CN=Computers,DC=dtcf,DC=etecsa,DC=cu! : Object class violation Failed to commit objects: WERR_GENERAL_FAILURE Join failed - cleaning up I have always had some errors when I type: samba-tool dbcheck --fix in the zentyal server. A kind of some entries without parents. I suppose I should fix that before adding a second domain controller to the domain, but I don't know how to do that. -------------- next part -------------- An embedded and charset-unspecified text was scrubbed... Name: not available URL: <http://lists.samba.org/pipermail/samba/attachments/20150209/d8d614ff/attachment.ksh>
> Hi people: > > I can't join a second samba 4.1.16 domain controller to an existing > domain. This domain just contain a DC based on Zentyal 3.4. > > When I try this from the samba server: > > samba-tool domain join dtcf.etecsa.cu DC -U administrator > --realm=dtcf.etecsa.cu --dns-backend=BIND9_DLZ > > But it returns: > > No objectClass found in replPropertyMetaData for > CN=PC00017104336\0ACNF:5798425a-db30-4f39-98ed-6e8aa15c34b5,CN=PC009375,CN=Computers,DC=dtcf,DC=etecsa,DC=cu! > > Failed to apply records: replmd_replicated_apply_add: error during DRS > repl ADD: No objectClass found in replPropertyMetaData for > CN=PC00017104336\0ACNF:5798425a-db30-4f39-98ed-6e8aa15c34b5,CN=PC009375,CN=Computers,DC=dtcf,DC=etecsa,DC=cu! > : Object class violation > Failed to commit objects: WERR_GENERAL_FAILURE > Join failed - cleaning up > > I have always had some errors when I type: samba-tool dbcheck --fix in > the zentyal server. A kind of some entries without parents. I suppose > I should fix that > before adding a second domain controller to the domain, but I don't > know how to do that. > >-------------- next part -------------- An embedded and charset-unspecified text was scrubbed... Name: not available URL: <http://lists.samba.org/pipermail/samba/attachments/20150209/9ce8fda0/attachment.ksh>
On 09/02/15 20:41, Denis Morejon Lopez wrote:> > Hi people: > > I can't join a second samba 4.1.16 domain controller to an existing > domain. This domain just contain a DC based on Zentyal 3.4. > > When I try this from the samba server: > > samba-tool domain join dtcf.etecsa.cu DC -U administrator > --realm=dtcf.etecsa.cu --dns-backend=BIND9_DLZ > > But it returns: > > No objectClass found in replPropertyMetaData for > CN=PC00017104336\0ACNF:5798425a-db30-4f39-98ed-6e8aa15c34b5,CN=PC009375,CN=Computers,DC=dtcf,DC=etecsa,DC=cu! > > Failed to apply records: replmd_replicated_apply_add: error during DRS > repl ADD: No objectClass found in replPropertyMetaData for > CN=PC00017104336\0ACNF:5798425a-db30-4f39-98ed-6e8aa15c34b5,CN=PC009375,CN=Computers,DC=dtcf,DC=etecsa,DC=cu! > : Object class violation > Failed to commit objects: WERR_GENERAL_FAILURE > Join failed - cleaning up > > I have always had some errors when I type: samba-tool dbcheck --fix in > the zentyal server. A kind of some entries without parents. I suppose > I should fix that > before adding a second domain controller to the domain, but I don't > know how to do that. > > > > --- > This message was processed by Kaspersky Mail Gateway 5.6.28/RELEASE running at host imx3.etecsa.cu > Visit our web-site: <http://www.kaspersky.com>, <http://www.viruslist.com> > >Try it with the realm in UPPERCASE Rowland
No, I got the same result. On 02/09/2015 04:16 PM, Rowland Penny wrote:> > On 09/02/15 20:41, Denis Morejon Lopez wrote: >> >> Hi people: >> >> I can't join a second samba 4.1.16 domain controller to an existing >> domain. This domain just contain a DC based on Zentyal 3.4. >> >> When I try this from the samba server: >> >> samba-tool domain join dtcf.etecsa.cu DC -U administrator >> --realm=dtcf.etecsa.cu --dns-backend=BIND9_DLZ >> >> But it returns: >> >> No objectClass found in replPropertyMetaData for >> CN=PC00017104336\0ACNF:5798425a-db30-4f39-98ed-6e8aa15c34b5,CN=PC009375,CN=Computers,DC=dtcf,DC=etecsa,DC=cu! >> >> Failed to apply records: replmd_replicated_apply_add: error during >> DRS repl ADD: No objectClass found in replPropertyMetaData for >> CN=PC00017104336\0ACNF:5798425a-db30-4f39-98ed-6e8aa15c34b5,CN=PC009375,CN=Computers,DC=dtcf,DC=etecsa,DC=cu! >> : Object class violation >> Failed to commit objects: WERR_GENERAL_FAILURE >> Join failed - cleaning up >> >> I have always had some errors when I type: samba-tool dbcheck --fix >> in the zentyal server. A kind of some entries without parents. I >> suppose I should fix that >> before adding a second domain controller to the domain, but I don't >> know how to do that. >> >> >> >> --- >> This message was processed by Kaspersky Mail Gateway 5.6.28/RELEASE >> running at host imx3.etecsa.cu >> Visit our web-site: <http://www.kaspersky.com>, >> <http://www.viruslist.com> >> >> > > Try it with the realm in UPPERCASE > > Rowland > > > > --- > This message was processed by Kaspersky Mail Gateway 5.6.28/RELEASE running at host imx2.etecsa.cu > Visit our web-site: <http://www.kaspersky.com>, <http://www.viruslist.com>-------------- next part -------------- An embedded and charset-unspecified text was scrubbed... Name: not available URL: <http://lists.samba.org/pipermail/samba/attachments/20150209/d90fb0fc/attachment.ksh>
Denis Morejon Lopez
2015-Feb-13 13:22 UTC
[Samba] I can't join to an existing domain (yet)
People: I have not solved my problem. I have only one DC with Zentyal 3.4 and I want to change it by samba 4.1.16. That's why if I can't join the samba to the existing domain I would not do anything else. The samba server error is this: (Command from samba) samba-tool domain join dtcf.etecsa.cu DC -U administrator --realm=DTCF.ETECSA.CU --dns-backend=BIND9_DLZ (Response) No objectClass found in replPropertyMetaData for CN=PC00017104336\0ACNF:5798425a-db30-4f39-98ed-6e8aa15c34b5,CN=PC009375,CN=Computers,DC=dtcf,DC=etecsa,DC=cu! Failed to apply records: replmd_replicated_apply_add: error during DRS repl ADD: No objectClass found in replPropertyMetaData for CN=PC00017104336\0ACNF:5798425a-db30-4f39-98ed-6e8aa15c34b5,CN=PC009375,CN=Computers,DC=dtcf,DC=etecsa,DC=cu! : Object class violation Failed to commit objects: WERR_GENERAL_FAILURE Join failed - cleaning up I can see this entry in the Zentyal server (Command from Zentyal) ldbsearch -H /var/lib/samba/private/sam.ldb '(CN=PC00017104336\0ACNF:5798425a-db30-4f39-98ed-6e8aa15c34b5)' (Response) # record 1 dn: CN=PC00017104336\0ACNF:5798425a-db30-4f39-98ed-6e8aa15c34b5,CN=PC009375,CN=Computers,DC=dtcf,DC=etecsa,DC=cu cn:: UEMwMDAxNzEwNDMzNgpDTkY6NTc5ODQyNWEtZGIzMC00ZjM5LTk4ZWQtNmU4YWExNWMzNGI1 instanceType: 4 whenChanged: 20140811142141.0Z uSNCreated: 3996 uSNChanged: 3996 name:: UEMwMDAxNzEwNDMzNgpDTkY6NTc5ODQyNWEtZGIzMC00ZjM5LTk4ZWQtNmU4YWExNWMzNGI 1 objectGUID: 5798425a-db30-4f39-98ed-6e8aa15c34b5 distinguishedName: CN=PC00017104336\0ACNF:5798425a-db30-4f39-98ed-6e8aa15c34b5 ,CN=PC009375,CN=Computers,DC=dtcf,DC=etecsa,DC=cu But I can't delete it (Command from Zentyal) ldbdel -H /var/lib/samba/private/sam.ldb 'CN=PC00017104336\0ACNF:5798425a-db30-4f39-98ed-6e8aa15c34b5,CN=PC009375,CN=Computers,DC=dtcf,DC=etecsa,DC=cu' (Response) delete of 'CN=PC00017104336\0ACNF:5798425a-db30-4f39-98ed-6e8aa15c34b5,CN=PC009375,CN=Computers,DC=dtcf,DC=etecsa,DC=cu' failed - (No such object) objectclass: Cannot delete CN=PC00017104336\0ACNF:5798425a-db30-4f39-98ed-6e8aa15c34b5,CN=PC009375,CN=Computers,DC=dtcf,DC=etecsa,DC=cu, entry does not exist! So, I tried all ldbdel options looking for one that forces the deletion. And I found "--relax" (Command from Zentyal) ldbdel --relax -H /var/lib/samba/private/sam.ldb 'CN=PC00017104336\0ACNF:5798425a-db30-4f39-98ed-6e8aa15c34b5,CN=PC009375,CN=Computers,DC=dtcf,DC=etecsa,DC=cu' (Response) ==============================================================INTERNAL ERROR: Signal 11 in pid 26667 (4.1.5-Zentyal) Please read the Trouble-Shooting section of the Samba HOWTO ==============================================================PANIC: internal error Aborted (core dumped) I repeated the operation stopping samba daemon but the I got the same response. Event, I could delete other entries with the pattern '(CN=*CNF:*)' as Rowland taught me. But only 10 are not erasable like the one I write here. Is it imposible to delete these bad entries ?? -------------- next part -------------- An embedded and charset-unspecified text was scrubbed... Name: not available URL: <http://lists.samba.org/pipermail/samba/attachments/20150213/e6a9c040/attachment.ksh>