aere_premium.0k at icloud.com
2025-Apr-23 09:04 UTC
[Samba] Member can't join DC2 (The specified network name is no longer available)
I'm new to AD and Samba but we have been running 1 Samba AD DC on our network for a year now, without trouble. We have 2 sites, separated by a street and linked together with a site to site L2 VPN (EoIP on MikroTik). DC1 on site 1 (the currently running) and we are trying to run a 2nd DC (DC2 and DC4) on the 2nd site. idmap.ldb and sysvol are synchronized, `samba-tool drs showrepl` shows no error when the 3 DCs are online simultaneously. When joining AD from Windows 10 (test machines and VMs) from Site 1, DC1 is selected and joined. From Site 2, if DC2 or DC4 are online, they are selected and an error occurs : The specified network name is no longer available. (See NetSetup.log in attachments). - Site 1: -- DC1 is a turnkey linux LXC on Proxmox : 10.190.0.11 -- DC1 samba version : 4.17.12 on Debian 11 - Site 2: -- DC2 is a manually installed LXC on Proxmox : 10.133.0.11 -- DC2 samba version : 4.17.12 on Debian 12 -- DC4 is a manually installed LXC on Proxmox : 10.133.0.40 -- DC4 samba version : 4.17.12 on Debian 12 For some details, at first we created DC2 and joined as member. Didn't know much, it was used for freeradius. This machine (DC2) was reinstalled (without leaving the forest) from scratch 2 or 3 times and joined back the forest, with same name (DC2) and same IP/MAC, but no member ever joined on 2nd site. After realizing it may have been a big mistake, I shutdown DC2 and installed from scratch DC4 with different IP and MAC. Windows 10 join tests were made with a VM on 10.133.0.0/16 network, with DC1 + DC2 online, DC1 + DC4 online, and DC1 + DC2 + DC4 online. When DC2 or DC4 are chosen to join, error. When DC2 and DC4 offline, joining DC1 is fine. What did I do wrong please? -------------- next part -------------- ?04/22/2025 12:20:39:623 ----------------------------------------------------------------- 04/22/2025 12:20:39:623 NetpValidateName: checking to see if 'VM-WIN10-TEST' is valid as type 1 name 04/22/2025 12:20:39:623 NetpCheckNetBiosNameNotInUse for 'VM-WIN10-TEST' [MACHINE] returned 0x0 04/22/2025 12:20:39:623 NetpValidateName: name 'VM-WIN10-TEST' is valid for type 1 04/22/2025 12:20:39:669 ----------------------------------------------------------------- 04/22/2025 12:20:39:669 NetpValidateName: checking to see if 'VM-WIN10-TEST' is valid as type 5 name 04/22/2025 12:20:39:669 NetpValidateName: name 'VM-WIN10-TEST' is valid for type 5 04/22/2025 12:20:39:701 ----------------------------------------------------------------- 04/22/2025 12:20:39:701 NetpValidateName: checking to see if 'tech.example.com' is valid as type 3 name 04/22/2025 12:20:39:701 NetpValidateName: 'tech.example.com' is not a valid NetBIOS domain name: 0x7b 04/22/2025 12:20:40:279 NetpCheckDomainNameIsValid [ Exists ] for 'tech.example.com' returned 0x0 04/22/2025 12:20:40:279 NetpValidateName: name 'tech.example.com' is valid for type 3 04/22/2025 12:21:03:938 ----------------------------------------------------------------- 04/22/2025 12:21:03:938 NetpDoDomainJoin 04/22/2025 12:21:03:938 NetpDoDomainJoin: using current computer names 04/22/2025 12:21:03:938 NetpDoDomainJoin: NetpGetComputerNameEx(NetBios) returned 0x0 04/22/2025 12:21:03:938 NetpDoDomainJoin: NetpGetComputerNameEx(DnsHostName) returned 0x0 04/22/2025 12:21:03:938 NetpMachineValidToJoin: 'VM-WIN10-TEST' 04/22/2025 12:21:03:938 OS Version: 10.0 04/22/2025 12:21:03:938 Build number: 19045 (19041.vb_release.191206-1406) 04/22/2025 12:21:04:001 SKU: Windows 10 Professionnel 04/22/2025 12:21:04:001 Architecture: 64-bit (AMD64) 04/22/2025 12:21:04:016 NetpMachineValidToJoin: status: 0x0 04/22/2025 12:21:04:016 NetpJoinDomain 04/22/2025 12:21:04:016 HostName: VM-WIN10-TEST 04/22/2025 12:21:04:016 NetbiosName: VM-WIN10-TEST 04/22/2025 12:21:04:016 Domain: tech.example.com 04/22/2025 12:21:04:016 MachineAccountOU: (NULL) 04/22/2025 12:21:04:016 Account: tech.example.com\a.rihan 04/22/2025 12:21:04:016 Options: 0x25 04/22/2025 12:21:04:063 NetpValidateName: checking to see if 'tech.example.com' is valid as type 3 name 04/22/2025 12:21:04:063 NetpValidateName: 'tech.example.com' is not a valid NetBIOS domain name: 0x7b 04/22/2025 12:21:05:079 NetpCheckDomainNameIsValid [ Exists ] for 'tech.example.com' returned 0x0 04/22/2025 12:21:05:079 NetpValidateName: name 'tech.example.com' is valid for type 3 04/22/2025 12:21:05:079 NetpDsGetDcName: trying to find DC in domain 'tech.example.com', flags: 0x40001010 04/22/2025 12:21:05:282 NetpDsGetDcName: status of verifying DNS A record name resolution for 'dc4.tech.example.com': 0x0 04/22/2025 12:21:05:282 NetpDsGetDcName: found DC '\\dc4.tech.example.com' in the specified domain 04/22/2025 12:21:05:282 NetpJoinDomainOnDs: NetpDsGetDcName returned: 0x0 04/22/2025 12:21:05:282 NetpDisableIDNEncoding: using FQDN tech.example.com from dcinfo 04/22/2025 12:21:05:298 NetpDisableIDNEncoding: DnsDisableIdnEncoding(UNTILREBOOT) on 'tech.example.com' succeeded 04/22/2025 12:21:05:298 NetpJoinDomainOnDs: NetpDisableIDNEncoding returned: 0x0 04/22/2025 12:21:07:079 NetUseAdd to \\dc4.tech.example.com\IPC$ returned 64 04/22/2025 12:21:07:079 NetpJoinDomainOnDs: status of connecting to dc '\\dc4.tech.example.com': 0x40 04/22/2025 12:21:07:079 NetpJoinDomainOnDs: Function exits with status of: 0x40 04/22/2025 12:21:07:094 NetpResetIDNEncoding: DnsDisableIdnEncoding(RESETALL) on 'tech.example.com' returned 0x0 04/22/2025 12:21:07:094 NetpJoinDomainOnDs: NetpResetIDNEncoding on 'tech.example.com': 0x0 04/22/2025 12:21:07:094 NetpDoDomainJoin: status: 0x40 04/22/2025 12:21:07:110 ----------------------------------------------------------------- 04/22/2025 12:21:07:110 NetpDoDomainJoin 04/22/2025 12:21:07:110 NetpDoDomainJoin: using current computer names 04/22/2025 12:21:07:110 NetpDoDomainJoin: NetpGetComputerNameEx(NetBios) returned 0x0 04/22/2025 12:21:07:110 NetpDoDomainJoin: NetpGetComputerNameEx(DnsHostName) returned 0x0 04/22/2025 12:21:07:110 NetpMachineValidToJoin: 'VM-WIN10-TEST' 04/22/2025 12:21:07:110 OS Version: 10.0 04/22/2025 12:21:07:110 Build number: 19045 (19041.vb_release.191206-1406) 04/22/2025 12:21:07:110 SKU: Windows 10 Professionnel 04/22/2025 12:21:07:110 Architecture: 64-bit (AMD64) 04/22/2025 12:21:07:110 NetpMachineValidToJoin: status: 0x0 04/22/2025 12:21:07:110 NetpJoinDomain 04/22/2025 12:21:07:110 HostName: VM-WIN10-TEST 04/22/2025 12:21:07:110 NetbiosName: VM-WIN10-TEST 04/22/2025 12:21:07:110 Domain: tech.example.com 04/22/2025 12:21:07:110 MachineAccountOU: (NULL) 04/22/2025 12:21:07:110 Account: tech.example.com\a.rihan 04/22/2025 12:21:07:110 Options: 0x27 04/22/2025 12:21:07:157 NetpValidateName: checking to see if 'tech.example.com' is valid as type 3 name 04/22/2025 12:21:07:157 NetpValidateName: 'tech.example.com' is not a valid NetBIOS domain name: 0x7b 04/22/2025 12:21:07:298 NetpCheckDomainNameIsValid [ Exists ] for 'tech.example.com' returned 0x0 04/22/2025 12:21:07:298 NetpValidateName: name 'tech.example.com' is valid for type 3 04/22/2025 12:21:07:298 NetpDsGetDcName: trying to find DC in domain 'tech.example.com', flags: 0x40001010 04/22/2025 12:21:07:376 NetpDsGetDcName: status of verifying DNS A record name resolution for 'dc4.tech.example.com': 0x0 04/22/2025 12:21:07:376 NetpDsGetDcName: found DC '\\dc4.tech.example.com' in the specified domain 04/22/2025 12:21:07:376 NetpJoinDomainOnDs: NetpDsGetDcName returned: 0x0 04/22/2025 12:21:07:376 NetpDisableIDNEncoding: using FQDN tech.example.com from dcinfo 04/22/2025 12:21:07:376 NetpDisableIDNEncoding: DnsDisableIdnEncoding(UNTILREBOOT) on 'tech.example.com' succeeded 04/22/2025 12:21:07:376 NetpJoinDomainOnDs: NetpDisableIDNEncoding returned: 0x0 04/22/2025 12:21:10:063 NetUseAdd to \\dc4.tech.example.com\IPC$ returned 64 04/22/2025 12:21:10:063 NetpJoinDomainOnDs: status of connecting to dc '\\dc4.tech.example.com': 0x40 04/22/2025 12:21:10:063 NetpJoinDomainOnDs: Function exits with status of: 0x40 04/22/2025 12:21:10:063 NetpResetIDNEncoding: DnsDisableIdnEncoding(RESETALL) on 'tech.example.com' returned 0x0 04/22/2025 12:21:10:063 NetpJoinDomainOnDs: NetpResetIDNEncoding on 'tech.example.com': 0x0 04/22/2025 12:21:10:063 NetpDoDomainJoin: status: 0x40 -------------- next part -------------- A non-text attachment was scrubbed... Name: OpenPGP_signature.asc Type: application/pgp-signature Size: 840 bytes Desc: OpenPGP digital signature URL: <http://lists.samba.org/pipermail/samba/attachments/20250423/5ff3dcdb/OpenPGP_signature.sig>
Luis Peromarta
2025-Apr-23 12:07 UTC
[Samba] Member can't join DC2 (The specified network name is no longer available)
I understand DC2 has been powered off but not demoted from AD ? Also, have you used RSAT sites and services to create your 2 sites ? On 23 Apr 2025 at 10:23 +0100, Adnan R. via samba <samba at lists.samba.org>, wrote:> I'm new to AD and Samba but we have been running 1 Samba AD DC on our > network for a year now, without trouble. > > We have 2 sites, separated by a street and linked together with a site > to site L2 VPN (EoIP on MikroTik). DC1 on site 1 (the currently running) > and we are trying to run a 2nd DC (DC2 and DC4) on the 2nd site. > > idmap.ldb and sysvol are synchronized, `samba-tool drs showrepl` shows > no error when the 3 DCs are online simultaneously. When joining AD from > Windows 10 (test machines and VMs) from Site 1, DC1 is selected and > joined. From Site 2, if DC2 or DC4 are online, they are selected and an > error occurs : The specified network name is no longer available. (See > NetSetup.log in attachments). > > - Site 1: > -- DC1 is a turnkey linux LXC on Proxmox : 10.190.0.11 > -- DC1 samba version : 4.17.12 on Debian 11 > > - Site 2: > -- DC2 is a manually installed LXC on Proxmox : 10.133.0.11 > -- DC2 samba version : 4.17.12 on Debian 12 > -- DC4 is a manually installed LXC on Proxmox : 10.133.0.40 > -- DC4 samba version : 4.17.12 on Debian 12 > > For some details, at first we created DC2 and joined as member. Didn't > know much, it was used for freeradius. This machine (DC2) was > reinstalled (without leaving the forest) from scratch 2 or 3 times and > joined back the forest, with same name (DC2) and same IP/MAC, but no > member ever joined on 2nd site. After realizing it may have been a big > mistake, I shutdown DC2 and installed from scratch DC4 with different IP > and MAC. > > Windows 10 join tests were made with a VM on 10.133.0.0/16 network, with > DC1 + DC2 online, DC1 + DC4 online, and DC1 + DC2 + DC4 online. When DC2 > or DC4 are chosen to join, error. When DC2 and DC4 offline, joining DC1 > is fine. > > What did I do wrong please? > > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba