DreamySurfer212
2018-Feb-14 05:07 UTC
[Samba] WERR_DS_DRA_MISSING_PARENT error when joining new DC
When trying to join a new DC to an existing Samba4 domain, I am getting this WERR_DS_DRA_MISSING_PARENT error. Does any have any suggestions on how to fix it? My original 6 dc's are running the last free Sernet (4.2.14) on CentOS6 and the error occurs if I use Sernet 4.2.14 or 4.7.5-Debian. I finally have time to upgrade and something is broke. Thanks, Steve # samba-tool domain join mydomain DC -U"mydomain\administrator" --dns-backend=BIND9_DLZ Missing parent while attempting to apply records: No parent with GUID eb58e643-61d5-4e8c-8249-99d275b2779b found for object remotely known as CN=Enterprise Read-only Domain Controllers,OU=Security Groups,DC=mydomain,DC=com # ldbsearch -H /var/lib/samba/private/sam.ldb --cross-ncs objectGUID=eb58e643-61d5-4e8c-8249-99d275b2779b dn: OU=Security Groups,DC=mydomain,DC=com # samba-tool dbcheck --cross-ncs Checking 9088 objects Checked 9088 objects (0 errors)
Denis Cardon
2018-Feb-14 12:01 UTC
[Samba] WERR_DS_DRA_MISSING_PARENT error when joining new DC
Hi DreamySurfer212,> > When trying to join a new DC to an existing Samba4 domain, I am > getting this WERR_DS_DRA_MISSING_PARENT error. Does any have any > suggestions on how to fix it? My original 6 dc's are running the last > free Sernet (4.2.14) on CentOS6 and the error occurs if I use Sernet > 4.2.14 or 4.7.5-Debian. I finally have time to upgrade and something > is broke.Samba 4.2.14 is EOL for quite some time... If you cannot afford the good work done by SerNet, then you need to use other packages.> Thanks, Steve > > # samba-tool domain join mydomain DC -U"mydomain\administrator" > --dns-backend=BIND9_DLZ > > Missing parent while attempting to apply records: No parent with GUID > eb58e643-61d5-4e8c-8249-99d275b2779b found for object remotely known > as CN=Enterprise Read-only Domain Controllers,OU=Security > Groups,DC=mydomain,DC=com > > # ldbsearch -H /var/lib/samba/private/sam.ldb --cross-ncs > objectGUID=eb58e643-61d5-4e8c-8249-99d275b2779b dn: OU=Security > Groups,DC=mydomain,DC=comHave you switched all your domain DCs to 4.7, or is this error still shown from a 4.2 server? is there any reasons for moving "Enterprise Read-only Domain Controllers" group from CN=Users? Do you have tried to join RODC in your 4.2 domain?? Cheers, Denis> > # samba-tool dbcheck --cross-ncs Checking 9088 objects Checked 9088 > objects (0 errors) >-- Denis Cardon Tranquil IT Systems Les Espaces Jules Verne, bâtiment A 12 avenue Jules Verne 44230 Saint Sébastien sur Loire tel : +33 (0) 2.40.97.57.55 http://www.tranquil.it Samba install wiki for Frenchies : https://dev.tranquil.it WAPT, software deployment made easy : https://wapt.fr
DreamySurfer212
2018-Feb-14 15:55 UTC
[Samba] WERR_DS_DRA_MISSING_PARENT error when joining new DC
On Wed, Feb 14, 2018, at 06:01, Denis Cardon wrote:> Hi DreamySurfer212, > > > > When trying to join a new DC to an existing Samba4 domain, I am > > getting this WERR_DS_DRA_MISSING_PARENT error. Does any have any > > suggestions on how to fix it? My original 6 dc's are running the last > > free Sernet (4.2.14) on CentOS6 and the error occurs if I use Sernet > > 4.2.14 or 4.7.5-Debian. I finally have time to upgrade and something > > is broke. > > Samba 4.2.14 is EOL for quite some time... If you cannot afford the good > work done by SerNet, then you need to use other packages. >Thank you for taking the time to respond. Yes, I am quite aware. I inherited this mess and am trying to get it upgraded to the latest 4.7.x on Ubuntu 16.04 LTS.> > Thanks, Steve > > > > # samba-tool domain join mydomain DC -U"mydomain\administrator" > > --dns-backend=BIND9_DLZ > > > > Missing parent while attempting to apply records: No parent with GUID > > eb58e643-61d5-4e8c-8249-99d275b2779b found for object remotely known > > as CN=Enterprise Read-only Domain Controllers,OU=Security > > Groups,DC=mydomain,DC=com > > > > # ldbsearch -H /var/lib/samba/private/sam.ldb --cross-ncs > > objectGUID=eb58e643-61d5-4e8c-8249-99d275b2779b dn: OU=Security > > Groups,DC=mydomain,DC=com > > Have you switched all your domain DCs to 4.7, or is this error still > shown from a 4.2 server?The error is from Ubuntu 4.7.5 (thanks Louis for the instructions) trying to join 4.2. Do I need to step through 4.3, 4.4, 4.5, and 4.6 first?> is there any reasons for moving "Enterprise Read-only Domain > Controllers" group from CN=Users? Do you have tried to join RODC in your > 4.2 domain??That was where it was when I inherited this. I will try moving it to CN=Users. I was hoping this could replace the 4.2 PDC so I did not want to try read-only. Thanks, Steve> Cheers, > > Denis > > > > > # samba-tool dbcheck --cross-ncs Checking 9088 objects Checked 9088 > > objects (0 errors) > > > > -- > Denis Cardon > Tranquil IT Systems > Les Espaces Jules Verne, bâtiment A > 12 avenue Jules Verne > 44230 Saint Sébastien sur Loire > tel : +33 (0) 2.40.97.57.55 > http://www.tranquil.it > > Samba install wiki for Frenchies : https://dev.tranquil.it > WAPT, software deployment made easy : https://wapt.fr
Possibly Parallel Threads
- WERR_DS_DRA_MISSING_PARENT error when joining new DC
- WERR_DS_DRA_MISSING_PARENT error when joining new DC
- Is it possible to lower the domain and forest functional level
- Is it possible to lower the domain and forest functional level
- Is it possible to lower the domain and forest functional level