Error runtime uncaught exception dsaddentry failed

Hello All,

I am trying to add my Raspberry Pi 3 as a DC in my server 2012r2 domain, domain schema version is: 69. Samba version 4.11.9 is installed on the RPi

Unfortunately, when i give the command: sudo samba-tool domain join snijder-kjp.local DC -U»snijder-kjpadministrator» —dns-backend=SAMBA_INTERNAL —option=’idmap_ldb:use rfc2307 = yes’ the Raspberry Pi isn’t joined to the domain. I get error: 8567, ‘WERR_DS_INCOMPATIBLE_VERSION

Full output:

pi@PS-DC04:~ $ sudo samba-tool domain join mydomain.local DC -U»my domainadministrator» —dns-backend=SAMBA_INTERNAL —option=’idmap_ldb:use rfc2307 = yes ‘
INFO 2020-06-24 07:58:26,694 pid:11290 /usr/lib/python3/dist-packages/samba/join.py #107: Finding a writeable DC for domain ‘mydomain.local’
INFO 2020-06-24 07:58:26,728 pid:11290 /usr/lib/python3/dist-packages/samba/join.py #109: Found DC PS-DC02.MYDOMAIN.local
Password for [MYDOMAINadministrator]:
INFO 2020-06-24 07:58:32,620 pid:11290 /usr/lib/python3/dist-packages/samba/join.py #1542: workgroup is MYDOMAIN
INFO 2020-06-24 07:58:32,622 pid:11290 /usr/lib/python3/dist-packages/samba/join.py #1545: realm is MYDOMAIN.local
Adding CN=PS-DC04,OU=Domain Controllers,DC=MYDOMAIN,DC=local
Adding CN=PS-DC04,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=MYDOMAIN,DC=local
Adding CN=NTDS Settings,CN=PS-DC04,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=MYDOMAIN,DC=local
DsAddEntry failed with status WERR_ACCESS_DENIED info (8567, ‘WERR_DS_INCOMPATIBLE_VERSION’)
Join failed — cleaning up
Deleted CN=PS-DC04,OU=Domain Controllers,DC=MYDOMAIN,DC=local
Deleted CN=PS-DC04,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=MYDOMAIN,DC=local
ERROR(runtime): uncaught exception — DsAddEntry failed
File «/usr/lib/python3/dist-packages/samba/netcmd/__init__.py», line 186, in _run
return self.run(*args, **kwargs)
File «/usr/lib/python3/dist-packages/samba/netcmd/domain.py», line 708, in run
backend_store_size=backend_store_size)
File «/usr/lib/python3/dist-packages/samba/join.py», line 1558, in join_DC
ctx.do_join()
File «/usr/lib/python3/dist-packages/samba/join.py», line 1446, in do_join
ctx.join_add_objects()
File «/usr/lib/python3/dist-packages/samba/join.py», line 682, in join_add_objects
ctx.join_add_ntdsdsa()
File «/usr/lib/python3/dist-packages/samba/join.py», line 607, in join_add_ntdsdsa
ctx.DsAddEntry([rec])
File «/usr/lib/python3/dist-packages/samba/join.py», line 548, in DsAddEntry
raise RuntimeError(«DsAddEntry failed»)

Thanks in advance for your answers!

Cheers, b.

Hello everybody,

 
I have a new AD which is installed on a Windows Server 2019. Now I want to add a Samba DC to this AD.

The Samba DC is in the same subnet.

Samba Server:

Ubuntu 18.04

Samba 4.10.6

 
The Windows AD has the following settings:

PS C:  Users  Administrator> Get-ADForest

ApplicationPartitions: {DC = DomainDnsZones, DC = mydom, DC = local, DC = ForestDnsZones, DC = mydom, DC = local}

CrossForestReferences: {}

DomainNamingMaster: WAD.mydom.local

Domains: {mydom.local}

ForestMode: Windows2008R2Forest

GlobalCatalogs: {WAD.mydom.local}

Name: mydom.local

PartitionContainer: CN = Partitions, CN = Configuration, DC = mydom, DC = local

RootDomain: mydom.local

SchemaMaster: WAD.mydom.local

Sites: {Default First Site Name}

SPNSuffixes: {}

 
 
When I try to join the Samba server I get the following message:

samba-tool domain join mydom.local DC -k yes

INFO 2019-07-19 18:30:06,496 pid:25035 /usr/local/samba/lib/python3.6/site-packages/samba/join.py #103: Finding a writeable DC for domain mydom.local'

INFO 2019-07-19 18:30:06,533 pid:25035 /usr/local/samba/lib/python3.6/site-packages/samba/join.py #105: Found DC WAD. mydom.local

INFO 2019-07-19 18:30:06,783 pid:25035 /usr/local/samba/lib/python3.6/site-packages/samba/join.py #1519: workgroup is mydom

INFO 2019-07-19 18:30:06,789 pid:25035 /usr/local/samba/lib/python3.6/site-packages/samba/join.py #1522: realm is mydom.local

Adding CN=SAD,OU=Domain Controllers,DC= mydom,DC=local

Adding CN=SAD,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC= mydom,DC=local

Adding CN=NTDS Settings,CN=DE03VM13,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC= mydom,DC=local

DsAddEntry failed with status WERR_ACCESS_DENIED info (8363, 'WERR_DS_NO_CROSSREF_FOR_NC')

Join failed - cleaning up

Deleted CN=SAD,OU=Domain Controllers,DC= mydom,DC=local

Deleted CN=SAD,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC= mydom,DC=local

ERROR(runtime): uncaught exception - DsAddEntry failed

  File "/usr/local/samba/lib/python3.6/site-packages/samba/netcmd/__init__.py", line 185, in _run

    return self.run(*args, **kwargs)

  File "/usr/local/samba/lib/python3.6/site-packages/samba/netcmd/domain.py", line 700, in run

    backend_store=backend_store)

  File "/usr/local/samba/lib/python3.6/site-packages/samba/join.py", line 1535, in join_DC

    ctx.do_join()

  File "/usr/local/samba/lib/python3.6/site-packages/samba/join.py", line 1427, in do_join

    ctx.join_add_objects()

  File "/usr/local/samba/lib/python3.6/site-packages/samba/join.py", line 669, in join_add_objects

    ctx.join_add_ntdsdsa()

  File "/usr/local/samba/lib/python3.6/site-packages/samba/join.py", line 594, in join_add_ntdsdsa

    ctx.DsAddEntry([rec])

  File "/usr/local/samba/lib/python3.6/site-packages/samba/join.py", line 543, in DsAddEntry

    raise RuntimeError("DsAddEntry failed")

 
What can I do?

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba