RE: [SOGo] Samba4 issue with existing AD and Exchange 2007

Thu, 20 Feb 2014 03:28:17 -0800 

> -----Original Message-----
> From: users-requ...@sogo.nu [mailto:users-requ...@sogo.nu] On Behalf
> Of Steve Boley
> Sent: Wednesday, 19 February 2014 12:29 AM
> To: users@sogo.nu
> Subject: Re: [SOGo] Samba4 issue with existing AD and Exchange 2007
> 
> Without the command syntax or what you added into your kerberos file it's
> hard to say what is wrong.
> Your joining active directory as a domain controller exchange at this point is
> irrelevant and the error points to ldap naming error. I've joined the default
> samba4 that is in the sogo repositories to a 2008 level domain after I got
> everything correct in the configuration and the right command syntax.
> Steve


Sorry here's some more details, if you need any more info let me know...

Domain - int.mycompany.com.au
Existing Windows 2008 DC -  windowsdc.int.mycompany.com.au
New Samba4 DC - sambadc.int.mycompany.com.au


[root@sambadc /]# samba -V
Version 4.0.1-4.centos6.1


[root@sambadc /]# cat /etc/krb5.conf
[logging]
 default = FILE:/var/log/krb5libs.log
 kdc = FILE:/var/log/krb5kdc.log
 admin_server = FILE:/var/log/kadmind.log

[libdefaults]
 default_realm = INT.MYCOMPANY.COM.AU
 dns_lookup_realm = true
 dns_lookup_kdc = true
 ticket_lifetime = 24h
 renew_lifetime = 7d
 forwardable = true

[realms]
 INT.MYCOMPANY.COM.AU = {
  kdc = windowsdc.int.mycompany.com.au
  admin_server = windowsdc.int.mycompany.com.au
 }

[domain_realm]
 .int.mycompany.com.au = INT.MYCOMPANY.COM.AU
 int.mycompany.com.au = INT.MYCOMPANY.COM.AU



[root@sambadc /]# samba-tool domain join int.mycompany.com.au DC 
-Uadministrator --realm=int.mycompany.com.au
Finding a writeable DC for domain 'int.mycompany.com.au'
Found DC windowsdc.int.mycompany.com.au
Password for [INTCOMPANY\administrator]:
workgroup is INTCOMPANY
realm is int.mycompany.com.au
checking sAMAccountName
Adding CN=SAMBADC,OU=Domain Controllers,DC=int,DC=mycompany,DC=com,DC=au
Adding 
CN=SAMBADC,CN=Servers,CN=PrimarySite,CN=Sites,CN=Configuration,DC=int,DC=mycompany,DC=com,DC=au
Adding CN=NTDS 
Settings,CN=SAMBADC,CN=Servers,CN=PrimarySite,CN=Sites,CN=Configuration,DC=int,DC=mycompany,DC=com,DC=au
Adding SPNs to CN=SAMBADC,OU=Domain Controllers,DC=int,DC=mycompany,DC=com,DC=au
Setting account password for SAMBADC$
Enabling account
Calling bare provision
No IPv6 address will be assigned
Provision OK for domain DN DC=int,DC=mycompany,DC=com,DC=au
Starting replication
Schema-DN[CN=Schema,CN=Configuration,DC=int,DC=mycompany,DC=com,DC=au] 
objects[402] linked_values[0]
Schema-DN[CN=Schema,CN=Configuration,DC=int,DC=mycompany,DC=com,DC=au] 
objects[804] linked_values[0]
Schema-DN[CN=Schema,CN=Configuration,DC=int,DC=mycompany,DC=com,DC=au] 
objects[1206] linked_values[0]
Schema-DN[CN=Schema,CN=Configuration,DC=int,DC=mycompany,DC=com,DC=au] 
objects[1608] linked_values[0]
Schema-DN[CN=Schema,CN=Configuration,DC=int,DC=mycompany,DC=com,DC=au] 
objects[2010] linked_values[0]
Schema-DN[CN=Schema,CN=Configuration,DC=int,DC=mycompany,DC=com,DC=au] 
objects[2412] linked_values[0]
Schema-DN[CN=Schema,CN=Configuration,DC=int,DC=mycompany,DC=com,DC=au] 
objects[2814] linked_values[0]
Schema-DN[CN=Schema,CN=Configuration,DC=int,DC=mycompany,DC=com,DC=au] 
objects[3216] linked_values[0]
Schema-DN[CN=Schema,CN=Configuration,DC=int,DC=mycompany,DC=com,DC=au] 
objects[3618] linked_values[0]
Schema-DN[CN=Schema,CN=Configuration,DC=int,DC=mycompany,DC=com,DC=au] 
objects[3745] linked_values[0]
Analyze and apply schema objects
Partition[CN=Configuration,DC=int,DC=mycompany,DC=com,DC=au] objects[340] 
linked_values[0]
Partition[CN=Configuration,DC=int,DC=mycompany,DC=com,DC=au] objects[512] 
linked_values[0]
Partition[CN=Configuration,DC=int,DC=mycompany,DC=com,DC=au] objects[681] 
linked_values[0]
Partition[CN=Configuration,DC=int,DC=mycompany,DC=com,DC=au] objects[854] 
linked_values[0]
Partition[CN=Configuration,DC=int,DC=mycompany,DC=com,DC=au] objects[1016] 
linked_values[0]
Failed to apply records: Failed to find GUID for (null): Invalid DN syntax
Failed to commit objects: WERR_GENERAL_FAILURE
Join failed - cleaning up
checking sAMAccountName
Deleted CN=SAMBADC,OU=Domain Controllers,DC=int,DC=mycompany,DC=com,DC=au
Deleted CN=NTDS 
Settings,CN=SAMBADC,CN=Servers,CN=PrimarySite,CN=Sites,CN=Configuration,DC=int,DC=mycompany,DC=com,DC=au
Deleted 
CN=SAMBADC,CN=Servers,CN=PrimarySite,CN=Sites,CN=Configuration,DC=int,DC=mycompany,DC=com,DC=au
ERROR(<type 'exceptions.TypeError'>): uncaught exception - Failed to process 
chunk: NT_STATUS_UNSUCCESSFUL
  File "/usr/lib64/python2.6/site-packages/samba/netcmd/__init__.py", line 175, 
in _run
    return self.run(*args, **kwargs)
  File "/usr/lib64/python2.6/site-packages/samba/netcmd/domain.py", line 552, 
in run
    machinepass=machinepass, use_ntvfs=use_ntvfs, dns_backend=dns_backend)
  File "/usr/lib64/python2.6/site-packages/samba/join.py", line 1104, in join_DC
    ctx.do_join()
  File "/usr/lib64/python2.6/site-packages/samba/join.py", line 1009, in do_join
    ctx.join_replicate()
  File "/usr/lib64/python2.6/site-packages/samba/join.py", line 734, in 
join_replicate
    replica_flags=ctx.replica_flags)
  File "/usr/lib64/python2.6/site-packages/samba/drs_utils.py", line 252, in 
replicate
    schema=schema, req_level=req_level, req=req)


Any help much appreciated :)

Cheers, John.
-- 
users@sogo.nu
https://inverse.ca/sogo/lists

Reply via email to