Web lists-archives.com

Re: [Samba] join samba to an existing AD failed




Thank you for your apply. I just try to enable 1024 in the DC, it seems work! 
But it confuses me that when I do the same act in SuSE, this problem doesn't appear. Does the RPC use different port in different system?

>On Fri, 2018-07-06 at 15:50 +0800, Ryan via samba wrote:
>> Hello,
>> 
>> I was trying to join a samba DC to an existing AD. But it failed when I used the command ‘samba-tool domain join euler.huawei.com DC ‘ to join it to the domain. Here’s the log:
>> 
>>  
>> euler-2:/usr/custom #  samba-tool domain join euler.huawei.com DC --option='idmap_ldb:use rfc2307 = yes' -U vdsadmin@xxxxxxxxxxxxxxxx
>> 
>> Finding a writeable DC for domain 'euler.huawei.com'
>> 
>> Found DC euler-1.euler.huawei.com
>> 
>> Password for [vdsadmin@xxxxxxxxxxxxxxxx]:
>> 
>> workgroup is EULER
>> 
>> realm is euler.huawei.com
>> 
>> Adding CN=EULER-2,OU=Domain Controllers,DC=euler,DC=huawei,DC=com
>> 
>> Adding CN=EULER-2,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=euler,DC=huawei,DC=com
>> 
>> Adding CN=NTDS Settings,CN=EULER-2,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=euler,DC=huawei,DC=com
>> 
>> Join failed - cleaning up
>
>
>> ERROR(runtime): uncaught exception - (3221225653, '{Device Timeout} The specified I/O operation on %hs was not completed before the time-out period expired.')
>> 
>>   File "/usr/lib64/python2.7/site-packages/samba/netcmd/__init__.py", line 176, in _run
>> 
>>     return self.run(*args, **kwargs)
>> 
>>   File "/usr/lib64/python2.7/site-packages/samba/netcmd/domain.py", line 706, in run
>> 
>>     plaintext_secrets=plaintext_secrets)
>> 
>>   File "/usr/lib64/python2.7/site-packages/samba/join.py", line 1482, in join_DC
>> 
>>     ctx.do_join()
>> 
>>   File "/usr/lib64/python2.7/site-packages/samba/join.py", line 1381, in do_join
>> 
>>     ctx.join_add_objects()
>> 
>>   File "/usr/lib64/python2.7/site-packages/samba/join.py", line 644, in join_add_objects
>> 
>>     ctx.join_add_ntdsdsa()
>> 
>>   File "/usr/lib64/python2.7/site-packages/samba/join.py", line 575, in join_add_ntdsdsa
>> 
>>     ctx.DsAddEntry([rec])
>> 
>>   File "/usr/lib64/python2.7/site-packages/samba/join.py", line 470, in DsAddEntry
>> 
>>     ctx.drsuapi_connect()
>> 
>>   File "/usr/lib64/python2.7/site-packages/samba/join.py", line 448, in drsuapi_connect
>> 
>>     ctx.drsuapi = drsuapi.drsuapi(binding_string, ctx.lp, ctx.creds)
>
>Can you check you can get to the RPC ports (135 and a high port, probably 1024) on the DC?
>
>It looks firewall related to me, given we have already been able to
>contact the LDAP server by this stage.
>
>Andrew Bartlett
>
>-- 
>Andrew Bartlett                       http://samba.org/~abartlet/
>Authentication Developer, Samba Team  http://samba.org
>Samba Developer, Catalyst IT          http://catalyst.net.nz/services/samba
>
>
>-- 
>To unsubscribe from this list go to the following URL and read the
>instructions:  https://lists.samba.org/mailman/options/samba
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba