Rowland penny
2021-Jun-16 16:57 UTC
[Samba] Joining Samba AD DC from Docker container fails - timeout
On 16/06/2021 15:22, greg at theschaubs.com wrote:> Hi Roland, > > I switched to privileged mode on the container. Firewall is completely > open. Still have the problem so I ran it the join with Debug 5. > > I see two things that look odd, but if this is referring to the joining > computer, I wouldn't expect the lmhosts or secrets.ldb to exist on that > computer until the join creates it. Output from the join follows. I only > included that portion which from replication and below. > > Regards...Greg > > > Provision OK for domain DN DC=home,DC=theschaubs,DC=com > Starting replication > Using binding ncacn_ip_tcp:schaub-dc2.home.theschaubs.com[,seal] > Mapped to DCERPC endpoint 135 > added interface eth0 ip=192.168.3.10 bcast=192.168.3.255 > netmask=255.255.255.0 > added interface eth0 ip=192.168.3.10 bcast=192.168.3.255 > netmask=255.255.255.0 > resolve_lmhosts: Attempting lmhosts lookup for name > schaub-dc2.home.theschaubs.com<0x20> > startlmhosts: Can't open lmhosts file /etc/samba/lmhosts. Error was No such > file or directory > Mapped to DCERPC endpoint 49152 > added interface eth0 ip=192.168.3.10 bcast=192.168.3.255 > netmask=255.255.255.0 > added interface eth0 ip=192.168.3.10 bcast=192.168.3.255 > netmask=255.255.255.0 > resolve_lmhosts: Attempting lmhosts lookup for name > schaub-dc2.home.theschaubs.com<0x20> > startlmhosts: Can't open lmhosts file /etc/samba/lmhosts. Error was No such > file or directory > Starting GENSEC mechanism spnego > Starting GENSEC submechanism gssapi_krb5 > GSSAPI credentials for Administrator at HOME.THESCHAUBS.COM will expire in > 35997 secs > gensec_gssapi: NO credentials were delegated > GSSAPI Connection will be cryptographically sealed > added interface eth0 ip=192.168.3.10 bcast=192.168.3.255 > netmask=255.255.255.0 > added interface eth0 ip=192.168.3.10 bcast=192.168.3.255 > netmask=255.255.255.0 > Schema-DN[CN=Schema,CN=Configuration,DC=home,DC=theschaubs,DC=com] > objects[402/1739] linked_values[0/0] > Schema-DN[CN=Schema,CN=Configuration,DC=home,DC=theschaubs,DC=com] > objects[804/1739] linked_values[0/0] > DSDB Transaction [rollback] at [Wed, 16 Jun 2021 10:06:11.597523 EDT] > duration [160882485] > {"timestamp": "2021-06-16T10:06:11.597614-0400", "type": "dsdbTransaction", > "dsdbTransaction": {"version": {"major": 1, "minor": 0}, "action": > "rollback", "transactionId": "4ea5c5a4-9bad-494c-8cc9-71ac434d64f6", > "duration": 160882485}} > Join failed - cleaning upYou can ignore everything after 'Join failed', it is an artefact of the failure. It looks to me that the replication is still failing. Rowland