thr3ads.net - samba - [Samba] Can't join Samba as a DC to an existing Domain [Jun 2015]

If this information is useful, please help other people find it:
Share via:

Sarah Lee

2015-Jun-15 21:17 UTC

[Samba] Can't join Samba as a DC to an existing Domain

Hello all,

we follow https://wiki.samba.org/index.php/Join_a_domain_as_a_DC to join
samba as a DC but fail. below is our error. we need your advice

////////////////////////////////////////////////////////////////////////////////////////////////////////
samba-tool domain join MELAKA.GOV DC -Uadministrator --realm=MELAKA.GOV
--dns-backend=BIND9_DLZ
Finding a writeable DC for domain 'MELAKA.GOV'
Found DC sogosamba.melaka.gov
Password for [MELAKA\administrator]:
Password for [MELAKA\administrator]:
workgroup is MELAKA
realm is melaka.gov
checking sAMAccountName
Adding CN=SOGOSAMBAREP,OU=Domain Controllers,DC=melaka,DC=gov
Adding
CN=SOGOSAMBAREP,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=melaka,DC=gov
Adding CN=NTDS
Settings,CN=SOGOSAMBAREP,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=melaka,DC=gov
Adding SPNs to CN=SOGOSAMBAREP,OU=Domain Controllers,DC=melaka,DC=gov
Setting account password for SOGOSAMBAREP$
Enabling account
Calling bare provision
Provision OK for domain DN DC=melaka,DC=gov
Starting replication
Schema-DN[CN=Schema,CN=Configuration,DC=melaka,DC=gov] objects[402/2620]
linked_values[0/0]
Schema-DN[CN=Schema,CN=Configuration,DC=melaka,DC=gov] objects[804/2620]
linked_values[0/0]
Schema-DN[CN=Schema,CN=Configuration,DC=melaka,DC=gov] objects[1206/2620]
linked_values[0/0]
Schema-DN[CN=Schema,CN=Configuration,DC=melaka,DC=gov] objects[1608/2620]
linked_values[0/0]
Schema-DN[CN=Schema,CN=Configuration,DC=melaka,DC=gov] objects[2010/2620]
linked_values[0/0]
Schema-DN[CN=Schema,CN=Configuration,DC=melaka,DC=gov] objects[2412/2620]
linked_values[0/0]
Schema-DN[CN=Schema,CN=Configuration,DC=melaka,DC=gov] objects[2620/2620]
linked_values[0/0]
Analyze and apply schema objects
Partition[CN=Configuration,DC=melaka,DC=gov] objects[402/1748]
linked_values[0/0]
Partition[CN=Configuration,DC=melaka,DC=gov] objects[804/1748]
linked_values[0/0]
Partition[CN=Configuration,DC=melaka,DC=gov] objects[1206/1748]
linked_values[0/0]
Partition[CN=Configuration,DC=melaka,DC=gov] objects[1608/1748]
linked_values[0/0]
Partition[CN=Configuration,DC=melaka,DC=gov] objects[1748/1748]
linked_values[24/0]
Replicating critical objects from the base DN of the domain
Partition[DC=melaka,DC=gov] objects[97/97] linked_values[55/0]
Partition[DC=melaka,DC=gov] objects[499/29898] linked_values[0/0]
Partition[DC=melaka,DC=gov] objects[901/29898] linked_values[0/0]
Partition[DC=melaka,DC=gov] objects[1303/29898] linked_values[0/0]
Partition[DC=melaka,DC=gov] objects[1705/29898] linked_values[0/0]
Partition[DC=melaka,DC=gov] objects[2107/29898] linked_values[0/0]
Partition[DC=melaka,DC=gov] objects[2509/29898] linked_values[0/0]
Partition[DC=melaka,DC=gov] objects[2911/29898] linked_values[0/0]
Partition[DC=melaka,DC=gov] objects[3313/29898] linked_values[0/0]
Partition[DC=melaka,DC=gov] objects[3715/29898] linked_values[0/0]
Partition[DC=melaka,DC=gov] objects[4117/29898] linked_values[0/0]
Partition[DC=melaka,DC=gov] objects[4519/29898] linked_values[0/0]
Partition[DC=melaka,DC=gov] objects[4921/29898] linked_values[0/0]
Partition[DC=melaka,DC=gov] objects[5323/29898] linked_values[0/0]
Partition[DC=melaka,DC=gov] objects[5725/29898] linked_values[0/0]
Partition[DC=melaka,DC=gov] objects[6127/29898] linked_values[0/0]
Partition[DC=melaka,DC=gov] objects[6529/29898] linked_values[0/0]
Partition[DC=melaka,DC=gov] objects[6931/29898] linked_values[0/0]
Join failed - cleaning up
checking sAMAccountName
Deleted CN=SOGOSAMBAREP,OU=Domain Controllers,DC=melaka,DC=gov
Deleted CN=NTDS
Settings,CN=SOGOSAMBAREP,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=melaka,DC=gov
Deleted
CN=SOGOSAMBAREP,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=melaka,DC=gov
ERROR(runtime): uncaught exception - (8437,
'WERR_DS_DRA_INVALID_PARAMETER')
  File "/usr/lib64/python2.6/site-packages/samba/netcmd/__init__.py",
line
175, in _run
    return self.run(*args, **kwargs)
  File "/usr/lib64/python2.6/site-packages/samba/netcmd/domain.py",
line
552, in run
    machinepass=machinepass, use_ntvfs=use_ntvfs, dns_backend=dns_backend)
  File "/usr/lib64/python2.6/site-packages/samba/join.py", line 1104,
in
join_DC
    ctx.do_join()
  File "/usr/lib64/python2.6/site-packages/samba/join.py", line 1009,
in
do_join
    ctx.join_replicate()
  File "/usr/lib64/python2.6/site-packages/samba/join.py", line 748,
in
join_replicate
    replica_flags=ctx.domain_replica_flags)
  File "/usr/lib64/python2.6/site-packages/samba/drs_utils.py", line
248,
in replicate
    (level, ctr) = self.drs.DsGetNCChanges(self.drs_handle, req_level, req)
///////////////////////////////////////////////////////////////////////////////////////////////////////

L.P.H. van Belle

2015-Jun-16 08:04 UTC

head link

[Samba] Can't join Samba as a DC to an existing Domain

can you provide more info. 

like: 
OS running? 
samba version? 
Samba package or from source? 

samba AD DC version and OS? 

If there is and smb.conf when you join, remove it or rename it and try joining
again.


Greetz, 

Louis
 
>-----Oorspronkelijk bericht-----
>Van: sarah.leecb at gmail.com 
>[mailto:samba-bounces at lists.samba.org] Namens Sarah Lee
>Verzonden: maandag 15 juni 2015 23:17
>Aan: samba at lists.samba.org
>Onderwerp: [Samba] Can't join Samba as a DC to an existing Domain
>
>Hello all,
>
>we follow 
>https://wiki.samba.org/index.php/Join_a_domain_as_a_DC to join
>samba as a DC but fail. below is our error. we need your advice
>
>///////////////////////////////////////////////////////////////
>/////////////////////////////////////////
>samba-tool domain join MELAKA.GOV DC -Uadministrator --realm=MELAKA.GOV
>--dns-backend=BIND9_DLZ
>Finding a writeable DC for domain 'MELAKA.GOV'
>Found DC sogosamba.melaka.gov
>Password for [MELAKA\administrator]:
>Password for [MELAKA\administrator]:
>workgroup is MELAKA
>realm is melaka.gov
>checking sAMAccountName
>Adding CN=SOGOSAMBAREP,OU=Domain Controllers,DC=melaka,DC=gov
>Adding
>CN=SOGOSAMBAREP,CN=Servers,CN=Default-First-Site-Name,CN=Sites,
CN=Configuration,DC=melaka,DC=gov>Adding CN=NTDS
>Settings,CN=SOGOSAMBAREP,CN=Servers,CN=Default-First-Site-Name,
CN=Sites,CN=Configuration,DC=melaka,DC=gov>Adding SPNs to CN=SOGOSAMBAREP,OU=Domain Controllers,DC=melaka,DC=gov
>Setting account password for SOGOSAMBAREP$
>Enabling account
>Calling bare provision
>Provision OK for domain DN DC=melaka,DC=gov
>Starting replication
>Schema-DN[CN=Schema,CN=Configuration,DC=melaka,DC=gov] 
>objects[402/2620]
>linked_values[0/0]
>Schema-DN[CN=Schema,CN=Configuration,DC=melaka,DC=gov] 
>objects[804/2620]
>linked_values[0/0]
>Schema-DN[CN=Schema,CN=Configuration,DC=melaka,DC=gov] 
>objects[1206/2620]
>linked_values[0/0]
>Schema-DN[CN=Schema,CN=Configuration,DC=melaka,DC=gov] 
>objects[1608/2620]
>linked_values[0/0]
>Schema-DN[CN=Schema,CN=Configuration,DC=melaka,DC=gov] 
>objects[2010/2620]
>linked_values[0/0]
>Schema-DN[CN=Schema,CN=Configuration,DC=melaka,DC=gov] 
>objects[2412/2620]
>linked_values[0/0]
>Schema-DN[CN=Schema,CN=Configuration,DC=melaka,DC=gov] 
>objects[2620/2620]
>linked_values[0/0]
>Analyze and apply schema objects
>Partition[CN=Configuration,DC=melaka,DC=gov] objects[402/1748]
>linked_values[0/0]
>Partition[CN=Configuration,DC=melaka,DC=gov] objects[804/1748]
>linked_values[0/0]
>Partition[CN=Configuration,DC=melaka,DC=gov] objects[1206/1748]
>linked_values[0/0]
>Partition[CN=Configuration,DC=melaka,DC=gov] objects[1608/1748]
>linked_values[0/0]
>Partition[CN=Configuration,DC=melaka,DC=gov] objects[1748/1748]
>linked_values[24/0]
>Replicating critical objects from the base DN of the domain
>Partition[DC=melaka,DC=gov] objects[97/97] linked_values[55/0]
>Partition[DC=melaka,DC=gov] objects[499/29898] linked_values[0/0]
>Partition[DC=melaka,DC=gov] objects[901/29898] linked_values[0/0]
>Partition[DC=melaka,DC=gov] objects[1303/29898] linked_values[0/0]
>Partition[DC=melaka,DC=gov] objects[1705/29898] linked_values[0/0]
>Partition[DC=melaka,DC=gov] objects[2107/29898] linked_values[0/0]
>Partition[DC=melaka,DC=gov] objects[2509/29898] linked_values[0/0]
>Partition[DC=melaka,DC=gov] objects[2911/29898] linked_values[0/0]
>Partition[DC=melaka,DC=gov] objects[3313/29898] linked_values[0/0]
>Partition[DC=melaka,DC=gov] objects[3715/29898] linked_values[0/0]
>Partition[DC=melaka,DC=gov] objects[4117/29898] linked_values[0/0]
>Partition[DC=melaka,DC=gov] objects[4519/29898] linked_values[0/0]
>Partition[DC=melaka,DC=gov] objects[4921/29898] linked_values[0/0]
>Partition[DC=melaka,DC=gov] objects[5323/29898] linked_values[0/0]
>Partition[DC=melaka,DC=gov] objects[5725/29898] linked_values[0/0]
>Partition[DC=melaka,DC=gov] objects[6127/29898] linked_values[0/0]
>Partition[DC=melaka,DC=gov] objects[6529/29898] linked_values[0/0]
>Partition[DC=melaka,DC=gov] objects[6931/29898] linked_values[0/0]
>Join failed - cleaning up
>checking sAMAccountName
>Deleted CN=SOGOSAMBAREP,OU=Domain Controllers,DC=melaka,DC=gov
>Deleted CN=NTDS
>Settings,CN=SOGOSAMBAREP,CN=Servers,CN=Default-First-Site-Name,
CN=Sites,CN=Configuration,DC=melaka,DC=gov>Deleted
>CN=SOGOSAMBAREP,CN=Servers,CN=Default-First-Site-Name,CN=Sites,
CN=Configuration,DC=melaka,DC=gov>ERROR(runtime): uncaught exception - (8437, 
>'WERR_DS_DRA_INVALID_PARAMETER')
>  File 
>"/usr/lib64/python2.6/site-packages/samba/netcmd/__init__.py",
line
>175, in _run
>    return self.run(*args, **kwargs)
>  File 
>"/usr/lib64/python2.6/site-packages/samba/netcmd/domain.py", line
>552, in run
>    machinepass=machinepass, use_ntvfs=use_ntvfs, 
>dns_backend=dns_backend)
>  File "/usr/lib64/python2.6/site-packages/samba/join.py", 
>line 1104, in
>join_DC
>    ctx.do_join()
>  File "/usr/lib64/python2.6/site-packages/samba/join.py", 
>line 1009, in
>do_join
>    ctx.join_replicate()
>  File "/usr/lib64/python2.6/site-packages/samba/join.py", line
748, in
>join_replicate
>    replica_flags=ctx.domain_replica_flags)
>  File 
>"/usr/lib64/python2.6/site-packages/samba/drs_utils.py", line 248,
>in replicate
>    (level, ctr) = self.drs.DsGetNCChanges(self.drs_handle, 
>req_level, req)
>///////////////////////////////////////////////////////////////
>////////////////////////////////////////
>-- 
>To unsubscribe from this list go to the following URL and read the
>instructions:  https://lists.samba.org/mailman/options/samba
>
>

L.P.H. van Belle

2015-Jun-17 06:26 UTC

head link

[Samba] Can't join Samba as a DC to an existing Domain

Hai Sarah, 
?
ok, this wil be a hard one for me since i dont have any redhat/centos os here. 
ok, first, make sure that the DC with FSMO roles its database is checked and ok.
?
can you run : 
samba-tool dbcheck --cross-ncs
?
i've seen and old bug report, but no solution there. 
And can you try to install a higher non sogo samba version. samba 4.0.1 is a bit
old.
if you switch to debian or ubuntu you can run sogo with samba 4.1.18 
?
?
Greetz, 
?
Louis
?


Van: Sarah Lee [mailto:sarah.leecb at gmail.com] 
Verzonden: dinsdag 16 juni 2015 15:15
Aan: L.P.H. van Belle
Onderwerp: Re: Can't join Samba as a DC to an existing Domain



Tq for reply.. We use centos. 6.5 , package?samba version 4.0.1 sogo repo. 

Already remove smb.conf and rejoin but still stuck.

On Tuesday, June 16, 2015, L.P.H. van Belle <belle at bazuin.nl> wrote:
can you provide more info.

like:
OS running?
samba version?
Samba package or from source?

samba AD DC version and OS?

If there is and smb.conf when you join, remove it or rename it and try joining
again.


Greetz,

Louis

>-----Oorspronkelijk bericht-----
>Van: sarah.leecb at gmail.com
>[mailto:samba-bounces at lists.samba.org] Namens Sarah Lee
>Verzonden: maandag 15 juni 2015 23:17
>Aan: samba at lists.samba.org
>Onderwerp: [Samba] Can't join Samba as a DC to an existing Domain
>
>Hello all,
>
>we follow
>https://wiki.samba.org/index.php/Join_a_domain_as_a_DC to join
>samba as a DC but fail. below is our error. we need your advice
>
>///////////////////////////////////////////////////////////////
>/////////////////////////////////////////
>samba-tool domain join MELAKA.GOV DC -Uadministrator --realm=MELAKA.GOV
>--dns-backend=BIND9_DLZ
>Finding a writeable DC for domain 'MELAKA.GOV'
>Found DC sogosamba.melaka.gov
>Password for [MELAKA\administrator]:
>Password for [MELAKA\administrator]:
>workgroup is MELAKA
>realm is melaka.gov
>checking sAMAccountName
>Adding CN=SOGOSAMBAREP,OU=Domain Controllers,DC=melaka,DC=gov
>Adding
>CN=SOGOSAMBAREP,CN=Servers,CN=Default-First-Site-Name,CN=Sites,
CN=Configuration,DC=melaka,DC=gov>Adding CN=NTDS
>Settings,CN=SOGOSAMBAREP,CN=Servers,CN=Default-First-Site-Name,
CN=Sites,CN=Configuration,DC=melaka,DC=gov>Adding SPNs to CN=SOGOSAMBAREP,OU=Domain Controllers,DC=melaka,DC=gov
>Setting account password for SOGOSAMBAREP$
>Enabling account
>Calling bare provision
>Provision OK for domain DN DC=melaka,DC=gov
>Starting replication
>Schema-DN[CN=Schema,CN=Configuration,DC=melaka,DC=gov]
>objects[402/2620]
>linked_values[0/0]
>Schema-DN[CN=Schema,CN=Configuration,DC=melaka,DC=gov]
>objects[804/2620]
>linked_values[0/0]
>Schema-DN[CN=Schema,CN=Configuration,DC=melaka,DC=gov]
>objects[1206/2620]
>linked_values[0/0]
>Schema-DN[CN=Schema,CN=Configuration,DC=melaka,DC=gov]
>objects[1608/2620]
>linked_values[0/0]
>Schema-DN[CN=Schema,CN=Configuration,DC=melaka,DC=gov]
>objects[2010/2620]
>linked_values[0/0]
>Schema-DN[CN=Schema,CN=Configuration,DC=melaka,DC=gov]
>objects[2412/2620]
>linked_values[0/0]
>Schema-DN[CN=Schema,CN=Configuration,DC=melaka,DC=gov]
>objects[2620/2620]
>linked_values[0/0]
>Analyze and apply schema objects
>Partition[CN=Configuration,DC=melaka,DC=gov] objects[402/1748]
>linked_values[0/0]
>Partition[CN=Configuration,DC=melaka,DC=gov] objects[804/1748]
>linked_values[0/0]
>Partition[CN=Configuration,DC=melaka,DC=gov] objects[1206/1748]
>linked_values[0/0]
>Partition[CN=Configuration,DC=melaka,DC=gov] objects[1608/1748]
>linked_values[0/0]
>Partition[CN=Configuration,DC=melaka,DC=gov] objects[1748/1748]
>linked_values[24/0]
>Replicating critical objects from the base DN of the domain
>Partition[DC=melaka,DC=gov] objects[97/97] linked_values[55/0]
>Partition[DC=melaka,DC=gov] objects[499/29898] linked_values[0/0]
>Partition[DC=melaka,DC=gov] objects[901/29898] linked_values[0/0]
>Partition[DC=melaka,DC=gov] objects[1303/29898] linked_values[0/0]
>Partition[DC=melaka,DC=gov] objects[1705/29898] linked_values[0/0]
>Partition[DC=melaka,DC=gov] objects[2107/29898] linked_values[0/0]
>Partition[DC=melaka,DC=gov] objects[2509/29898] linked_values[0/0]
>Partition[DC=melaka,DC=gov] objects[2911/29898] linked_values[0/0]
>Partition[DC=melaka,DC=gov] objects[3313/29898] linked_values[0/0]
>Partition[DC=melaka,DC=gov] objects[3715/29898] linked_values[0/0]
>Partition[DC=melaka,DC=gov] objects[4117/29898] linked_values[0/0]
>Partition[DC=melaka,DC=gov] objects[4519/29898] linked_values[0/0]
>Partition[DC=melaka,DC=gov] objects[4921/29898] linked_values[0/0]
>Partition[DC=melaka,DC=gov] objects[5323/29898] linked_values[0/0]
>Partition[DC=melaka,DC=gov] objects[5725/29898] linked_values[0/0]
>Partition[DC=melaka,DC=gov] objects[6127/29898] linked_values[0/0]
>Partition[DC=melaka,DC=gov] objects[6529/29898] linked_values[0/0]
>Partition[DC=melaka,DC=gov] objects[6931/29898] linked_values[0/0]
>Join failed - cleaning up
>checking sAMAccountName
>Deleted CN=SOGOSAMBAREP,OU=Domain Controllers,DC=melaka,DC=gov
>Deleted CN=NTDS
>Settings,CN=SOGOSAMBAREP,CN=Servers,CN=Default-First-Site-Name,
CN=Sites,CN=Configuration,DC=melaka,DC=gov>Deleted
>CN=SOGOSAMBAREP,CN=Servers,CN=Default-First-Site-Name,CN=Sites,
CN=Configuration,DC=melaka,DC=gov>ERROR(runtime): uncaught exception - (8437,
>'WERR_DS_DRA_INVALID_PARAMETER')
>? File
>"/usr/lib64/python2.6/site-packages/samba/netcmd/__init__.py",
line
>175, in _run
>? ? return self.run(*args, **kwargs)
>? File
>"/usr/lib64/python2.6/site-packages/samba/netcmd/domain.py", line
>552, in run
>? ? machinepass=machinepass, use_ntvfs=use_ntvfs,
>dns_backend=dns_backend)
>? File "/usr/lib64/python2.6/site-packages/samba/join.py",
>line 1104, in
>join_DC
>? ? ctx.do_join()
>? File "/usr/lib64/python2.6/site-packages/samba/join.py",
>line 1009, in
>do_join
>? ? ctx.join_replicate()
>? File "/usr/lib64/python2.6/site-packages/samba/join.py", line
748, in
>join_replicate
>? ? replica_flags=ctx.domain_replica_flags)
>? File
>"/usr/lib64/python2.6/site-packages/samba/drs_utils.py", line 248,
>in replicate
>? ? (level, ctr) = self.drs.DsGetNCChanges(self.drs_handle,
>req_level, req)
>///////////////////////////////////////////////////////////////
>////////////////////////////////////////
>--
>To unsubscribe from this list go to the following URL and read the
>instructions:? https://lists.samba.org/mailman/options/samba
>
>
--
To unsubscribe from this list go to the following URL and read the
instructions:? https://lists.samba.org/mailman/options/samba

Maybe Matching Threads

Search for more apparently analagous threads

samba - Jun 2015 - Can't join Samba as a DC to an existing Domain

[Samba] Can't join Samba as a DC to an existing Domain

[Samba] Can't join Samba as a DC to an existing Domain

[Samba] Can't join Samba as a DC to an existing Domain

Maybe Matching Threads