samba - Apr 2022 - ?==?utf-8?q? Joining a samba ad dc domain from another samba installation

On Mon, Apr 25, 2022 at 7:13 AM Fran?ois Legal via samba <
samba at lists.samba.org> wrote:
>
> samba-tool domain join [my samba domain] DC -k yes --dns-backend=BIND9_DLZ
> --option='idmap_ldb:use rfc2307 = yes'
> INFO 2022-04-25 10:41:04,952 pid:374
> /usr/lib/python3/dist-packages/samba/join.py #107: Finding a writeable DC
> for domain '[my samba domain]'
> INFO 2022-04-25 10:41:04,973 pid:374
> /usr/lib/python3/dist-packages/samba/join.py #109: Found DC  [my-dc].[my
> samba domain]
> ERROR(<class 'samba.join.DCJoinException'>): uncaught
exception - Can't
> join, error: 00002020: Operation unavailable without authentication
>
I see you used "-k yes". Did you confirm that you have a valid
Kerberos TGT
for a Domain Admin account? (Run "kinit" to get a ticket and
"klist" to
check.)

Le Lundi, Avril 25, 2022 15:24 CEST, Jonathon Reinhart <jonathon.reinhart at
gmail.com> a ?crit:
 
> On Mon, Apr 25, 2022 at 7:13 AM Fran?ois Legal via samba <
> samba at lists.samba.org> wrote:
> 
> >
> > samba-tool domain join [my samba domain] DC -k yes
--dns-backend=BIND9_DLZ
> > --option='idmap_ldb:use rfc2307 = yes'
> > INFO 2022-04-25 10:41:04,952 pid:374
> > /usr/lib/python3/dist-packages/samba/join.py #107: Finding a writeable
DC
> > for domain '[my samba domain]'
> > INFO 2022-04-25 10:41:04,973 pid:374
> > /usr/lib/python3/dist-packages/samba/join.py #109: Found DC 
[my-dc].[my
> > samba domain]
> > ERROR(<class 'samba.join.DCJoinException'>): uncaught
exception - Can't
> > join, error: 00002020: Operation unavailable without authentication
> >
> 
> I see you used "-k yes". Did you confirm that you have a valid
Kerberos TGT
> for a Domain Admin account? (Run "kinit" to get a ticket and
"klist" to
> check.)
 
Yes. I?ve kinit administrator@[my realm], the ticket shows out in klist
afterwards.
But either using -U administrator (for which no password is requested), either
--krb5-ccache=/tmp/krb5cc_0 produce the same result

Fran?ois