Web lists-archives.com

[Samba] Error joining Samba 4.7.4 DC to existing Win2008R2 domain




I have an existing Win2008-R2 domain with a single DC and I'd like to replace this DC with a Samba 4 DC.

I'm using VirtualBox VMs to test the migration before going to production.
I've cloned Windows 2008R2 Server into the first VM, then installed Ubuntu_18.04_server_x64_daily (Samba 4.7.4) into another VM.

Win2008-R2:?? hostname=SRVAD-OLD, IP: 10.0.3.90
Ubuntu_18.04: hostname=SRVAD-NEW, IP: 10.0.3.100

The two machines are connected to the same virtual network and can ping each other.

Now, when I run samba-tool to join the domain, the join fails with this error:

======================================================
root@srvad-new:~# samba -V
Version 4.7.4-Ubuntu

root@srvad-new:~# samba-tool domain join samdom.local DC -U"SAMDOM.LOCAL\Administrator" --dns-backend=BIND9_DLZ --option="interfaces=eth_lan" --verbose

Finding a writeable DC for domain 'SAMDOM.LOCAL'
Found DC SRVAD-OLD.SAMDOM.LOCAL
Password for [SAMDOM.LOCAL\Administrator]:
workgroup is SAMDOM
realm is SAMDOM.LOCAL
Adding CN=SRVAD-NEW,OU=Domain Controllers,DC=SAMDOM,DC=IT
Adding CN=SRVAD-NEW,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=SAMDOM,DC=IT Adding CN=NTDS Settings,CN=SRVAD-NEW,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=SAMDOM,DC=IT
Adding SPNs to CN=SRVAD-NEW,OU=Domain Controllers,DC=SAMDOM,DC=IT
Setting account password for SRVAD-NEW$
Enabling account
Adding DNS account CN=dns-SRVAD-NEW,CN=Users,DC=SAMDOM,DC=IT with dns/ SPN
Setting account password for dns-SRVAD-NEW
Calling bare provision
Looking up IPv4 addresses
Looking up IPv6 addresses
No IPv6 address will be assigned
Setting up secrets.ldb
Setting up the registry
Setting up the privileges database
Setting up idmap db
Setting up SAM db
Setting up sam.ldb partitions and settings
Setting up sam.ldb rootDSE
Pre-loading the Samba 4 and AD schema
A Kerberos configuration suitable for Samba AD has been generated at /var/lib/samba/private/krb5.conf
Provision OK for domain DN DC=SAMDOM,DC=IT
Starting replication
Schema-DN[CN=Schema,CN=Configuration,DC=SAMDOM,DC=IT] objects[402/1557] linked_values[0/0] Schema-DN[CN=Schema,CN=Configuration,DC=SAMDOM,DC=IT] objects[804/1557] linked_values[0/0] Schema-DN[CN=Schema,CN=Configuration,DC=SAMDOM,DC=IT] objects[1206/1557] linked_values[0/0] Schema-DN[CN=Schema,CN=Configuration,DC=SAMDOM,DC=IT] objects[1553/1557] linked_values[0/0]
Analyze and apply schema objects
Partition[CN=Configuration,DC=SAMDOM,DC=IT] objects[402/2158] linked_values[0/20] Partition[CN=Configuration,DC=SAMDOM,DC=IT] objects[804/2158] linked_values[0/20] Partition[CN=Configuration,DC=SAMDOM,DC=IT] objects[1206/2158] linked_values[0/20] Partition[CN=Configuration,DC=SAMDOM,DC=IT] objects[1608/2158] linked_values[0/20] Partition[CN=Configuration,DC=SAMDOM,DC=IT] objects[1803/2158] linked_values[20/20]
Replicating critical objects from the base DN of the domain
Partition[DC=SAMDOM,DC=IT] objects[97/169] linked_values[0/0]
Partition[DC=SAMDOM,DC=IT] objects[396/1567] linked_values[0/0]
Partition[DC=SAMDOM,DC=IT] objects[798/1567] linked_values[0/0]
Partition[DC=SAMDOM,DC=IT] objects[908/1567] linked_values[0/0]
Done with always replicated NC (base, config, schema)
Replicating DC=DomainDnsZones,DC=SAMDOM,DC=IT
Partition[DC=DomainDnsZones,DC=SAMDOM,DC=IT] objects[21/21] linked_values[0/0]
Replicating DC=ForestDnsZones,DC=SAMDOM,DC=IT
Partition[DC=ForestDnsZones,DC=SAMDOM,DC=IT] objects[94/94] linked_values[0/0] Exop on[CN=RID Manager$,CN=System,DC=SAMDOM,DC=IT] objects[3] linked_values[0]
Committing SAM database
Adding 1 remote DNS records for SRVAD-NEW.SAMDOM.LOCAL
Adding DNS A record SRVAD-NEW.SAMDOM.LOCAL for IPv4 IP: 10.0.3.100
Join failed - cleaning up
Deleted CN=RID Set,CN=SRVAD-NEW,OU=Domain Controllers,DC=SAMDOM,DC=IT
Deleted CN=SRVAD-NEW,OU=Domain Controllers,DC=SAMDOM,DC=IT
Deleted CN=dns-SRVAD-NEW,CN=Users,DC=SAMDOM,DC=IT
Deleted CN=NTDS Settings,CN=SRVAD-NEW,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=SAMDOM,DC=IT Deleted CN=SRVAD-NEW,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=SAMDOM,DC=IT ERROR(runtime): uncaught exception - (9003, 'WERR_DNS_ERROR_RCODE_NAME_ERROR') ? File "/usr/lib/python2.7/dist-packages/samba/netcmd/__init__.py", line 176, in _run
??? return self.run(*args, **kwargs)
? File "/usr/lib/python2.7/dist-packages/samba/netcmd/domain.py", line 661, in run
??? machinepass=machinepass, use_ntvfs=use_ntvfs, dns_backend=dns_backend)
? File "/usr/lib/python2.7/dist-packages/samba/join.py", line 1474, in join_DC
??? ctx.do_join()
? File "/usr/lib/python2.7/dist-packages/samba/join.py", line 1384, in do_join
??? ctx.join_add_dns_records()
? File "/usr/lib/python2.7/dist-packages/samba/join.py", line 1116, in join_add_dns_records
??? dns_partition=domaindns_zone_dn)
? File "/usr/lib/python2.7/dist-packages/samba/samdb.py", line 939, in dns_lookup
??? dns_partition=dns_partition)
======================================================

I've googled for'WERR_DNS_ERROR_RCODE_NAME_ERROR' but haven't found anything.
Hope someone could shed some light on this...

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba