Hi guys,
I changed my /etc/hosts and looks like this:
[root at lim-inf1-dns-02 ~]# cat /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4
localhost4.localdomain4
::1 localhost localhost.localdomain localhost6
localhost6.localdomain6
10.3.251.19 dc-01.example.com dc-01
172.28.240.252 dc-02.example.com dc-02
So, to be clear, dc-01.example.com is the Windows AD hostname.
dc-02.example.com is the linux machine itself
I tried to join domain again but it is pretty the same error :(
[root at ldc-02 ~]# samba-tool domain join EXAMPLE.COM DC -UAdministrator
--realm=EXAMPLE.COM --dns-backend=SAMBA_INTERNAL --debug 3
GENSEC backend 'gssapi_spnego' registered
GENSEC backend 'gssapi_krb5' registered
GENSEC backend 'gssapi_krb5_sasl' registered
GENSEC backend 'spnego' registered
GENSEC backend 'schannel' registered
GENSEC backend 'naclrpc_as_system' registered
GENSEC backend 'sasl-EXTERNAL' registered
GENSEC backend 'ntlmssp' registered
GENSEC backend 'ntlmssp_resume_ccache' registered
GENSEC backend 'http_basic' registered
GENSEC backend 'http_ntlm' registered
GENSEC backend 'krb5' registered
GENSEC backend 'fake_gssapi_krb5' registered
Finding a writeable DC for domain 'EXAMPLE.COM'
resolve_lmhosts: Attempting lmhosts lookup for name _ldap._tcp.EXAMPLE.COM
<0x0>
Found DC dc-01.example.com
resolve_lmhosts: Attempting lmhosts lookup for name
dc-01.example.com<0x20>
Password for [WORKGROUP\Administrator]:
Aquiring initiator credentials failed: kinit for Administrator at EXAMPLE.COM
failed (Wrong realm)
SPNEGO(gssapi_krb5) creating NEG_TOKEN_INIT failed: NT_STATUS_UNSUCCESSFUL
Got challenge flags:
Got NTLMSSP neg_flags=0x62898235
NTLMSSP: Set final flags:
Got NTLMSSP neg_flags=0x62088235
NTLMSSP Sign/Seal - Initialising with flags:
Got NTLMSSP neg_flags=0x62088235
NTLMSSP Sign/Seal - Initialising with flags:
Got NTLMSSP neg_flags=0x62088235
workgroup is EXAMPLE
realm is example.com
Adding CN=DC-02,OU=Domain Controllers,DC=example,DC=com
Adding
CN=DC-02,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=example,DC=com
Join failed - cleaning up
ldb_wrap open of secrets.ldb
Could not find machine account in secrets database: Failed to fetch machine
account password for EXAMPLE from both secrets.ldb (Could not find entry to
match filter: '(&(flatname=EXAMPLE)(objectclass=primaryDomain))'
base:
'cn=Primary Domains': No such object: dsdb_search at
../source4/dsdb/common/util.c:4575) and from
/var/lib/samba/private/secrets.tdb: NT_STATUS_CANT_ACCESS_DOMAIN_INFO
Deleted CN=DC-02,OU=Domain Controllers,DC=example,DC=com
ERROR(ldb): uncaught exception - LDAP error 32 LDAP_NO_SUCH_OBJECT -
CN=Sites,CN=Configuration,DC=example,DC=com <0000208D: NameErr:
DSID-03100238, problem 2001 (NO_OBJECT), data 0, best match of:
'CN=Sites,CN=Configuration,DC=example,DC=com'> <>
File
"/usr/local/samba/lib64/python2.7/site-packages/samba/netcmd/__init__.py",
line 176, in _run
return self.run(*args, **kwargs)
File
"/usr/local/samba/lib64/python2.7/site-packages/samba/netcmd/domain.py",
line 652, in run
machinepass=machinepass, use_ntvfs=use_ntvfs, dns_backend=dns_backend)
File "/usr/local/samba/lib64/python2.7/site-packages/samba/join.py",
line
1253, in join_DC
ctx.do_join()
File "/usr/local/samba/lib64/python2.7/site-packages/samba/join.py",
line
1151, in do_join
ctx.join_add_objects()
File "/usr/local/samba/lib64/python2.7/site-packages/samba/join.py",
line
593, in join_add_objects
ctx.samdb.add(rec)
On 12 April 2017 at 10:49, Rowland Penny via samba <samba at
lists.samba.org>
wrote:
> On Wed, 12 Apr 2017 17:28:39 +0200
> "L.P.H. van Belle via samba" <samba at lists.samba.org>
wrote:
>
> > Correct you need a smb.conf.
>
> No he doesn't, he is trying to join another DC.
>
> > And please do correct your hosts file before you join.
> >
> >
> >
> > >> 127.0.0.1 localhost localhost.localdomain localhost4
> > >>localhost4.localdomain4 dc-02.example.com dc-02 << NOT
GOOD
> >
> > ::1 localhost localhost.localdomain localhost6
> > localhost6.localdomain6
> >
> > 10.3.251.19 dc-01.example.com dc-01 <<
CORRECT
>
> Well it is correct if the last line is the information for the DC he is
> trying to join.
>
> Rowland
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/options/samba
>
--
Erick.
-------------------------------------------
IRC : zerick
Blog : http://zerick.me
About : http://about.me/zerick
Linux User ID : 549567