Re: [Samba] Unable to rejoin domain, LDAP error 50
- Date: Mon, 2 Apr 2018 19:26:55 +0100
- From: Rowland Penny via samba <samba@xxxxxxxxxxxxxxx>
- Subject: Re: [Samba] Unable to rejoin domain, LDAP error 50
On Mon, 2 Apr 2018 19:47:11 +0200
Krzysztof Paszkowski via samba <samba@xxxxxxxxxxxxxxx> wrote:
> Hi all,
>
> After demoting one of AD DCs, I’m unable to join the domain again.
> Demoting was fine.
>
> OS is Centos 6
> Samba 4.7.6 (with 4.7.4 doesn’t work either) built from sources.
>
>
> klist
> Ticket cache: FILE:/tmp/krb5cc_0
> Default principal: administrator@xxxxxxxxxxxxx
>
> Valid starting Expires Service principal
> 04/02/18 18:44:33 04/03/18 04:44:33
> krbtgt/DOMAIN.NET.PL@xxxxxxxxxxxxx renew until 04/03/18 18:44:27
> [root@konc-serwer samba-4.7.4]#
> [root@konc-serwer samba-4.7.4]# samba-tool domain join domain.net.pl
> DC -U"domain\administrator" --dns-backend=SAMBA_INTERNAL
Try running the command like this:
samba-tool domain join domain.net.pl DC -U Administrator
--password=<Administrators password>
If that doesn't work, try adding '--verbose' to the command and see if
anything pops out.
At first sight, it looks like 'Administrator' doesn't have the right
permissions to join a DC to the domain, so you might want to check just
what rights the Administrator has.
Rowland
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba