Web lists-archives.com

Re: [Samba] 4.8.x domain join warning message

On Sun, 2018-05-20 at 22:38 +0800, d tbsky via samba wrote:
> Hi:
>    I tried to use samba 4.8.1/4.8.2 to join windows domain as DC. and
> saw warning message like "Unable to determine the DomainSID, can not
> enforce uniqueness constraint on local domainSIDs"

Sorry about that.  We should sqelch the warning during provision and
the join. 

>   I didn't get that message when using samba 4.7.7. is the message
> safe to ignore?

Entirely safe.  We made some changes in Samba to cope with deleted
foreignSecurityPrincipal objects which meant we had to relax our
uniqueness constraint, but only for things outside our domain.  

It just has a chicken-and-egg situation during the very first setup
(where we won't create duplicates anyway, as we are under the control
of the script) which the lower level module gets a bit grumpy with. 

>   the complete join message below:
> [root@samba-dc ~]# /usr/local/samba/bin/samba-tool domain join
> samdom.example.com DC -U"SAMDOM\administrator"
> --dns-backend=SAMBA_INTERNAL

> Joined domain SAMDOM (SID S-1-5-21-3559909774-3968669603-834676815) as a DC

It is fine.  Worry when you don't get that last line, otherwise it
looks good :-)

Andrew Bartlett

Andrew Bartlett                       http://samba.org/~abartlet/
Authentication Developer, Samba Team  http://samba.org
Samba Developer, Catalyst IT          http://catalyst.net.nz/services/samba

To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba