On 04/11/2020 11:22, Ralf Spenneberg via samba wrote:> Hi,
>
> I have a samba 4.10 ad domain which has been running fine for quite some
> time.
> Now when I try to join windows 10 pro 1909 clients i am running in issues.
>
> 1. When I try to fully add the client to the samba ad on the client, the
> join seems to run fine (I am welcomed in the new domain) but the event
> log on the client immediately logs a line:
> 'Fehler beim Beitritt des Computers "AutoCAD06" zur Dom?ne
"ad.xxx.de".
> Fehlercode: "1332"'
> In english: Error on joining the computer AutoCAD06 to domain ad.xxx.de.
> Errorcode 1332.
>
> 2. If I add the computer account before trying to add the client this
> message does not appear in the log.
>
> But in both cases, after the reboot the client complains
> "Die Sicherheitsdatenbank auf dem SErver enth?lt kein Computerkonto
f?r
> diese Arbeitsstationsvertrauensstellung."
> In English: The security database on the server does not contain a
> computer account for the workstation trust relationship.
>
> The samba log is attached. I do not have a clue where to further search.
>
> samba-tool computer show AUTOCAD06
> shows the computer account.
> ldbsearch -H /var/lib/samba/private/sam.ldb '(name=autocad06)'
> as well.
> The log looks to me as if the client is able to authenticate.
>
> What could I turn on in the logs to further debug this?
> Current setting log level = 3 auth:10 kerberos:10 sam:10
>
> Any help is appreciated.
>
> Kind regards,
>
> Ralf
>
>
What OS is the DC running on ?
Your logfile was removed by the list, it does this for all attachments,
so either post it into another post, or if it is excessively large, send
it direct to me.
Rowland