thr3ads.net - samba - [Samba] SAMBA failed join domain DC [Feb 2018]

If this information is useful, please help other people find it:
Share via:

Rowland Penny

2018-Feb-21 08:59 UTC

[Samba] SAMBA failed join domain DC

On Wed, 21 Feb 2018 10:45:43 +0500
"denis.shigapov" <denis.shigapov at stroylandiya.ru> wrote:
> Not join
> samba-tool domain join EXAMPLE DC -Uvas.lah --password=password
> --realm=EXAMPLE.RU --site=SITE2 find srv-site3-dc01 and the same
> error occurred
> 
> samba-tool domain join EXAMPLE DC -UAdministrator --password=password
> --server=srv-dc01.example.ru --realm=EXAMPLE.RU --site=SITE2 returned
> the original error
> 
> 
> vas.lah - domain administrator
> also tried the user with the rights: enterprice admins and scheme
> admins
> 
> Samba 4.6 previously tried and joined the domain, but due to
> replication errors it was abandoned
> 
> 
Is there some reason why you will not try the exact join command I
posted ???

I can assure you that the join command works on 4.7.5, I did it last
Friday, albeit against a Samba AD DC.

You shouldn't get replication errors, perhaps the problem lies on the
windows DC you are trying to join to ? 

Rowland

denis.shigapov

2018-Feb-21 12:00 UTC

head link

[Samba] SAMBA failed join domain DC

And why are you against Samba AD DC?

I do not have a user "Administrator"


I RUN:  samba-tool domain join EXAMPLE DC -Uvas.lah --password=password
--realm=EXAMPLE.RU --site=SITE2 -d 2
lpcfg_load: refreshing parameters from /etc/samba/smb.conf
Finding a writeable DC for domain 'EXAMPLE'
Found DC srv-site3-dc01.example.ru
workgroup is EXAMPLE
realm is example.ru
Adding CN=SRV-SITE2-DC01,OU=Domain Controllers,DC=example,DC=ru
Adding
CN=SRV-SITE2-DC01,CN=Servers,CN=SITE2,CN=Sites,CN=Configuration,DC=example,DC=ru
Adding CN=NTDS
Settings,CN=SRV-SITE2-DC01,CN=Servers,CN=SITE2,CN=Sites,CN=Configuration,DC=example,DC=ru
Join failed - cleaning up
Could not find machine account in secrets database: Failed to fetch machine
account password for EXAMPLE from both secrets.ldb (Could not find entry to
match
filter: '(&(fl
atname=EXAMPLE)(objectclass=primaryDomain))' base: 'cn=Primary
Domains': No such object: dsdb_search at ../source4/dsdb/common/util.c:4636)
and from
/var/lib/samba/private/
secrets.tdb: NT_STATUS_CANT_ACCESS_DOMAIN_INFO
Deleted CN=SRV-SITE2-DC01,OU=Domain Controllers,DC=example,DC=ru
Deleted CN=NTDS
Settings,CN=SRV-SITE2-DC01,CN=Servers,CN=SITE2,CN=Sites,CN=Configuration,DC=example,DC=ru
Deleted
CN=SRV-SITE2-DC01,CN=Servers,CN=SITE2,CN=Sites,CN=Configuration,DC=example,DC=ru
ERROR(ldb): uncaught exception - LDAP error 10 LDAP_REFERRAL -  <0000202B:
RefErr: DSID-030A0B09, data 0, 1 access points
        ref 1:
'7bbe1649-5261-430c-b473-9b85a36719b5._msdcs.example.ru'> <ldap://7bbe1649-5261-430c-b473-9b85a36719b5._msdcs.example.ru>  File "/usr/lib64/python2.7/site-packages/samba/netcmd/__init__.py",
line 176, in _run
    return self.run(*args, **kwargs)
  File "/usr/lib64/python2.7/site-packages/samba/netcmd/domain.py",
line 661, in run
    machinepass=machinepass, use_ntvfs=use_ntvfs, dns_backend=dns_backend)
  File "/usr/lib64/python2.7/site-packages/samba/join.py", line 1474,
in join_DC
    ctx.do_join()
  File "/usr/lib64/python2.7/site-packages/samba/join.py", line 1375,
in do_join
    ctx.join_add_objects()
  File "/usr/lib64/python2.7/site-packages/samba/join.py", line 668,
in join_add_objects
    ctx.samdb.modify(m)


samba-tool domain join EXAMPLE DC --realm=EXAMPLE.RU -Uvas.lah
--server=srv-dc01.example.ru --password=password --site=SITE2 -d 2

......

Partition[DC=ForestDnsZones,DC=example,DC=ru] objects[1163/2778]
linked_values[0/0]
Replicated 388 objects (0 linked attributes) for
DC=ForestDnsZones,DC=example,DC=ru
Partition[DC=ForestDnsZones,DC=example,DC=ru] objects[1565/2778]
linked_values[0/0]
Replicated 402 objects (0 linked attributes) for
DC=ForestDnsZones,DC=example,DC=ru
Partition[DC=ForestDnsZones,DC=example,DC=ru] objects[1967/2778]
linked_values[0/0]
Replicated 402 objects (0 linked attributes) for
DC=ForestDnsZones,DC=example,DC=ru
Partition[DC=ForestDnsZones,DC=example,DC=ru] objects[2369/2778]
linked_values[0/0]
Replicated 402 objects (0 linked attributes) for
DC=ForestDnsZones,DC=example,DC=ru
Partition[DC=ForestDnsZones,DC=example,DC=ru] objects[2535/2778]
linked_values[0/0]
Replicated 166 objects (0 linked attributes) for
DC=ForestDnsZones,DC=example,DC=ru
Exop on[CN=RID Manager$,CN=System,DC=example,DC=ru] objects[3] linked_values[0]
Replicated 3 objects (0 linked attributes) for DC=example,DC=ru
Committing SAM database
Adding 1 remote DNS records for SRV-SITE2-DC01.example.ru
Adding DNS A record SRV-SITE2-DC01.example.ru for IPv4 IP: 10.2.1.15
Join failed - cleaning up
Could not find machine account in secrets database: Failed to fetch machine
account password for EXAMPLE from both secrets.ldb (Could not find entry to
match
filter: '(&(fl
atname=EXAMPLE)(objectclass=primaryDomain))' base: 'cn=Primary
Domains': No such object: dsdb_search at ../source4/dsdb/common/util.c:4636)
and from
/var/lib/samba/private/
secrets.tdb: NT_STATUS_CANT_ACCESS_DOMAIN_INFO
Deleted CN=RID Set,CN=SRV-SITE2-DC01,OU=Domain Controllers,DC=example,DC=ru
Deleted CN=SRV-SITE2-DC01,OU=Domain Controllers,DC=example,DC=ru
Deleted CN=NTDS
Settings,CN=SRV-SITE2-DC01,CN=Servers,CN=SITE2,CN=Sites,CN=Configuration,DC=example,DC=ru
Deleted
CN=SRV-SITE2-DC01,CN=Servers,CN=SITE2,CN=Sites,CN=Configuration,DC=example,DC=ru
ERROR(runtime): uncaught exception - (9003,
'WERR_DNS_ERROR_RCODE_NAME_ERROR')
  File "/usr/lib64/python2.7/site-packages/samba/netcmd/__init__.py",
line 176, in _run
    return self.run(*args, **kwargs)
  File "/usr/lib64/python2.7/site-packages/samba/netcmd/domain.py",
line 661, in run
    machinepass=machinepass, use_ntvfs=use_ntvfs, dns_backend=dns_backend)
  File "/usr/lib64/python2.7/site-packages/samba/join.py", line 1474,
in join_DC
    ctx.do_join()
  File "/usr/lib64/python2.7/site-packages/samba/join.py", line 1384,
in do_join
    ctx.join_add_dns_records()
  File "/usr/lib64/python2.7/site-packages/samba/join.py", line 1116,
in join_add_dns_records
    dns_partition=domaindns_zone_dn)
  File "/usr/lib64/python2.7/site-packages/samba/samdb.py", line 939,
in dns_lookup
    dns_partition=dns_partition)

В Ср, 21/02/2018 в 08:59 +0000, Rowland Penny via samba
пишет:> On Wed, 21 Feb 2018 10:45:43 +0500
> "denis.shigapov" <denis.shigapov at stroylandiya.ru> wrote:
> 
> > Not join
> > samba-tool domain join EXAMPLE DC -Uvas.lah --password=password
> > --realm=EXAMPLE.RU --site=SITE2 find srv-site3-dc01 and the same
> > error occurred
> > 
> > samba-tool domain join EXAMPLE DC -UAdministrator --password=password
> > --server=srv-dc01.example.ru --realm=EXAMPLE.RU --site=SITE2 returned
> > the original error
> > 
> > 
> > vas.lah - domain administrator
> > also tried the user with the rights: enterprice admins and scheme
> > admins
> > 
> > Samba 4.6 previously tried and joined the domain, but due to
> > replication errors it was abandoned
> > 
> > 
> 
> Is there some reason why you will not try the exact join command I
> posted ???
> 
> I can assure you that the join command works on 4.7.5, I did it last
> Friday, albeit against a Samba AD DC.
> 
> You shouldn't get replication errors, perhaps the problem lies on the
> windows DC you are trying to join to ? 
> 
> Rowland
>  
>

Rowland Penny

2018-Feb-21 12:06 UTC

head link

[Samba] SAMBA failed join domain DC

On Wed, 21 Feb 2018 17:00:20 +0500
"denis.shigapov" <denis.shigapov at stroylandiya.ru> wrote:
> And why are you against Samba AD DC?
I am definitely not against Samba AD DC, don't know where you got that
from ?
 > 
> I do not have a user "Administrator"
Well, where has the standard AD user 'Administrator' gone then ??
Have you removed it ? or renamed it ?

Rowland

Maybe Matching Threads

Search for more seemingly similar threads

samba - Feb 2018 - SAMBA failed join domain DC

[Samba] SAMBA failed join domain DC

[Samba] SAMBA failed join domain DC

[Samba] SAMBA failed join domain DC

Maybe Matching Threads