Daniel McFeeters
2017-Dec-21 18:16 UTC
[Samba] WERR_DS_DRA_MISSING_PARENT while Joining Samba4 DC to Samba4 Domain
I thought I had posted already, but my first message may have been confusing.
Here is the output of the domain join:
$ sudo samba-tool domain join redacted.domain.local DC
-U"REDACTED\my.domain.admin" --dns-backend=SAMBA_INTERNAL
Finding a writeable DC for domain 'redacted.domain.local'
Found DC samba4dom.redacted.domain.local
Password for [REDACTED\my.domain.admin]:
NO DNS zone information found in source domain, not replicating DNS
workgroup is REDACTED
realm is redacted.domain.local
Adding CN=SAMBA4DC2,OU=Domain Controllers,DC=redacted,DC=domain,DC=local
Adding
CN=SAMBA4DC2,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=redacted,DC=domain,DC=local
Adding CN=NTDS
Settings,CN=SAMBA4DC2,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=redacted,DC=domain,DC=local
Adding SPNs to CN=SAMBA4DC2,OU=Domain Controllers,DC=redacted,DC=domain,DC=local
Setting account password for SAMBA4DC2$
Enabling account
Calling bare provision
Looking up IPv4 addresses
Looking up IPv6 addresses
No IPv6 address will be assigned
Setting up secrets.ldb
Setting up the registry
Setting up the privileges database
Setting up idmap db
Setting up SAM db
Setting up sam.ldb partitions and settings
Setting up sam.ldb rootDSE
Pre-loading the Samba 4 and AD schema
A Kerberos configuration suitable for Samba AD has been generated at
/var/lib/samba/private/krb5.conf
Provision OK for domain DN DC=redacted,DC=domain,DC=local
Starting replication
Schema-DN[CN=Schema,CN=Configuration,DC=redacted,DC=domain,DC=local]
objects[402/1550] linked_values[0/0]
Schema-DN[CN=Schema,CN=Configuration,DC=redacted,DC=domain,DC=local]
objects[804/1550] linked_values[0/0]
Schema-DN[CN=Schema,CN=Configuration,DC=redacted,DC=domain,DC=local]
objects[1206/1550] linked_values[0/0]
Schema-DN[CN=Schema,CN=Configuration,DC=redacted,DC=domain,DC=local]
objects[1550/1550] linked_values[0/0]
Analyze and apply schema objects
Partition[CN=Configuration,DC=redacted,DC=domain,DC=local] objects[402/1606]
linked_values[0/0]
Partition[CN=Configuration,DC=redacted,DC=domain,DC=local] objects[804/1606]
linked_values[0/0]
Partition[CN=Configuration,DC=redacted,DC=domain,DC=local] objects[1206/1606]
linked_values[0/0]
Partition[CN=Configuration,DC=redacted,DC=domain,DC=local] objects[1605/1606]
linked_values[22/22]
Replicating critical objects from the base DN of the domain
Partition[DC=redacted,DC=domain,DC=local] objects[76/74] linked_values[21/21]
Partition[DC=redacted,DC=domain,DC=local] objects[478/19960] linked_values[0/0]
Failed to commit objects: WERR_DS_DRA_MISSING_PARENT
Join failed - cleaning up
Deleted CN=SAMBA4DC2,OU=Domain Controllers,DC=redacted,DC=domain,DC=local
Deleted CN=NTDS
Settings,CN=SAMBA4DC2,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=redacted,DC=domain,DC=local
Deleted
CN=SAMBA4DC2,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=redacted,DC=domain,DC=local
ERROR(runtime): uncaught exception - (8460, "Failed to process
'chunk' of DRS replicated objects: WERR_DS_DRA_MISSING_PARENT")
File "/usr/lib/python2.7/dist-packages/samba/netcmd/__init__.py",
line 176, in _run
return self.run(*args, **kwargs)
File "/usr/lib/python2.7/dist-packages/samba/netcmd/domain.py", line
661, in run
machinepass=machinepass, use_ntvfs=use_ntvfs, dns_backend=dns_backend)
File "/usr/lib/python2.7/dist-packages/samba/join.py", line 1474, in
join_DC
ctx.do_join()
File "/usr/lib/python2.7/dist-packages/samba/join.py", line 1377, in
do_join
ctx.join_replicate()
File "/usr/lib/python2.7/dist-packages/samba/join.py", line 936, in
join_replicate
replica_flags=ctx.domain_replica_flags)
File "/usr/lib/python2.7/dist-packages/samba/drs_utils.py", line
295, in replicate
schema=schema, req_level=req_level, req=req)
$
Daniel McFeeters
----- Original Message -----> From: "samba" <samba at lists.samba.org>
> To: "samba" <samba at lists.samba.org>
> Sent: Thursday, December 21, 2017 12:43:07 PM
> Subject: Re: [Samba] WERR_DS_DRA_MISSING_PARENT while Joining Samba4 DC to
Samba4 Domain
> On Thu, 21 Dec 2017 12:16:23 -0500 (EST)
> Daniel McFeeters <danielj.mcfeeters at lcdhd.org> wrote:
> > I am not able to join a second domain controller to the domain,
> > though. Is this a samba bug, or is there something I can do to fix
> > the WERR_DS_DRA_MISSING_PARENT error?
> > Daniel McFeeters
> Can you post the join command you are using and the the command output.
> Rowland
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/options/samba
Rowland Penny
2017-Dec-21 18:39 UTC
[Samba] WERR_DS_DRA_MISSING_PARENT while Joining Samba4 DC to Samba4 Domain
On Thu, 21 Dec 2017 13:16:05 -0500 (EST) Daniel McFeeters <danielj.mcfeeters at lcdhd.org> wrote:> I thought I had posted already, but my first message may have been > confusing. Here is the output of the domain join: > > $ sudo samba-tool domain join redacted.domain.local DC > -U"REDACTED\my.domain.admin" --dns-backend=SAMBA_INTERNAL Finding a > writeable DC for domain 'redacted.domain.local' Found DC > samba4dom.redacted.domain.local Password for > [REDACTED\my.domain.admin]: NO DNS zone information found in sourceAre you not running a dns server on the original DC ?> domain, not replicating DNS workgroup is REDACTED > realm is redacted.domain.local > Adding CN=SAMBA4DC2,OU=Domain > Controllers,DC=redacted,DC=domain,DC=local Adding > CN=SAMBA4DC2,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=redacted,DC=domain,DC=local > Adding CN=NTDS > Settings,CN=SAMBA4DC2,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=redacted,DC=domain,DC=local > Adding SPNs to CN=SAMBA4DC2,OU=Domain > Controllers,DC=redacted,DC=domain,DC=local Setting account password > for SAMBA4DC2$ Enabling account Calling bare provision Looking up > IPv4 addresses Looking up IPv6 addresses > No IPv6 address will be assigned > Setting up secrets.ldb > Setting up the registry > Setting up the privileges database > Setting up idmap db > Setting up SAM db > Setting up sam.ldb partitions and settings > Setting up sam.ldb rootDSE > Pre-loading the Samba 4 and AD schema > A Kerberos configuration suitable for Samba AD has been generated > at /var/lib/samba/private/krb5.conf Provision OK for domain DN > DC=redacted,DC=domain,DC=local Starting replication > Schema-DN[CN=Schema,CN=Configuration,DC=redacted,DC=domain,DC=local] > objects[402/1550] linked_values[0/0] > Schema-DN[CN=Schema,CN=Configuration,DC=redacted,DC=domain,DC=local] > objects[804/1550] linked_values[0/0] > Schema-DN[CN=Schema,CN=Configuration,DC=redacted,DC=domain,DC=local] > objects[1206/1550] linked_values[0/0] > Schema-DN[CN=Schema,CN=Configuration,DC=redacted,DC=domain,DC=local] > objects[1550/1550] linked_values[0/0] Analyze and apply schema > objects Partition[CN=Configuration,DC=redacted,DC=domain,DC=local] > objects[402/1606] linked_values[0/0] > Partition[CN=Configuration,DC=redacted,DC=domain,DC=local] > objects[804/1606] linked_values[0/0] > Partition[CN=Configuration,DC=redacted,DC=domain,DC=local] > objects[1206/1606] linked_values[0/0] > Partition[CN=Configuration,DC=redacted,DC=domain,DC=local] > objects[1605/1606] linked_values[22/22] Replicating critical objects > from the base DN of the domain > Partition[DC=redacted,DC=domain,DC=local] objects[76/74] > linked_values[21/21] Partition[DC=redacted,DC=domain,DC=local] > objects[478/19960] linked_values[0/0] Failed to commit objects: > WERR_DS_DRA_MISSING_PARENT Join failed - cleaning up Deleted > CN=SAMBA4DC2,OU=Domain Controllers,DC=redacted,DC=domain,DC=local > Deleted CN=NTDS > Settings,CN=SAMBA4DC2,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=redacted,DC=domain,DC=local > Deleted > CN=SAMBA4DC2,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=redacted,DC=domain,DC=local > ERROR(runtime): uncaught exception - (8460, "Failed to process > 'chunk' of DRS replicated objects: WERR_DS_DRA_MISSING_PARENT") File > "/usr/lib/python2.7/dist-packages/samba/netcmd/__init__.py", line > 176, in _run return self.run(*args, **kwargs) File > "/usr/lib/python2.7/dist-packages/samba/netcmd/domain.py", line 661, > in run machinepass=machinepass, use_ntvfs=use_ntvfs, > dns_backend=dns_backend) File > "/usr/lib/python2.7/dist-packages/samba/join.py", line 1474, in > join_DC ctx.do_join() File > "/usr/lib/python2.7/dist-packages/samba/join.py", line 1377, in > do_join ctx.join_replicate() File > "/usr/lib/python2.7/dist-packages/samba/join.py", line 936, in > join_replicate replica_flags=ctx.domain_replica_flags) File > "/usr/lib/python2.7/dist-packages/samba/drs_utils.py", line 295, in > replicate schema=schema, req_level=req_level, req=req) $ >Two thoughts here, are you using the ntvfs backend on the first DC ? this has now been deprecated and is only used in the Samba test. Does your admin user have all the required permissions ? Have you tried using 'Administrator' ? Rowland
Andrew Bartlett
2017-Dec-21 18:46 UTC
[Samba] WERR_DS_DRA_MISSING_PARENT while Joining Samba4 DC to Samba4 Domain
On Thu, 2017-12-21 at 18:39 +0000, Rowland Penny via samba wrote:> > Two thoughts here, are you using the ntvfs backend on the first DC ? > this has now been deprecated and is only used in the Samba test. > > Does your admin user have all the required permissions ? Have you tried > using 'Administrator' ?G'Day Rowland, Just to avoid running down rat-holes, neither of these factors would cause this particular error. Thanks, Andrew Bartlett -- Andrew Bartlett http://samba.org/~abartlet/ Authentication Developer, Samba Team http://samba.org Samba Developer, Catalyst IT http://catalyst.net.nz/services/samba
Possibly Parallel Threads
- WERR_DS_DRA_MISSING_PARENT while Joining Samba4 DC to Samba4 Domain
- WERR_DS_DRA_MISSING_PARENT while Joining Samba4 DC to Samba4 Domain
- WERR_DS_DRA_MISSING_PARENT while Joining Samba4 DC to Samba4 Domain
- WERR_DS_DRA_MISSING_PARENT while Joining Samba4 DC to Samba4 Domain
- WERR_DS_DRA_MISSING_PARENT while Joining Samba4 DC to Samba4 Domain