Автор Тема: Проблема с подключением к домену  (Прочитано 4006 раз)

Оффлайн NoisyBoy

  • Начинающий
  • *
  • Сообщений: 2
    • Email
Вторичный DC создался нормально, но когда пытаюсь подключиться выдает ошибку
Windows Server 2008R2
192.168.64.108 - server-csm.csm


[localadm@alt ~]$ samba-tool dns add 192.168.64.108 csm ALT A 192.168.64.101 -UAdministrator@CSM
Password for [Administrator@CSM]:
Record added successfully
[localadm@alt ~]$ kinit administrator@CSM
Password for administrator@CSM:
[localadm@alt ~]$ samba-tool domain join csm DC -Uadministrator@CSM --realm=csm
INFO 2020-12-08 15:02:13,033 pid:6055 /usr/lib64/samba-dc/python3.7/samba/join.py #107: Finding a writeable DC for domain 'csm'
INFO 2020-12-08 15:02:18,062 pid:6055 /usr/lib64/samba-dc/python3.7/samba/join.py #109: Found DC server-csm.csm
Password for [administrator@CSM]:
INFO 2020-12-08 15:02:21,857 pid:6055 /usr/lib64/samba-dc/python3.7/samba/join.py #356: Reconnecting to naming master ac56efd4-e077-479f-8187-d36a1c7cd5bb._msdcs.csm
INFO 2020-12-08 15:02:21,876 pid:6055 /usr/lib64/samba-dc/python3.7/samba/join.py #363: DNS name of new naming master is server-csm.csm
INFO 2020-12-08 15:02:21,877 pid:6055 /usr/lib64/samba-dc/python3.7/samba/join.py #1559: workgroup is CSM
INFO 2020-12-08 15:02:21,877 pid:6055 /usr/lib64/samba-dc/python3.7/samba/join.py #1562: realm is csm
Adding CN=ALT,OU=Domain Controllers,DC=csm
Adding CN=ALT,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=csm
Adding CN=NTDS Settings,CN=ALT,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=csm
Adding SPNs to CN=ALT,OU=Domain Controllers,DC=csm
Setting account password for ALT$
Enabling account
Calling bare provision
Join failed - cleaning up
Deleted CN=ALT,OU=Domain Controllers,DC=csm
Deleted CN=NTDS Settings,CN=ALT,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=csm
Deleted CN=ALT,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=csm
ERROR(<class 'samba.provision.ProvisioningError'>): uncaught exception - ProvisioningError: guess_names: 'server role=auto' in /etc/samba/smb.conf must match chosen server role 'active directory domain controller'!  Please remove the smb.conf file and let provision generate it
  File "/usr/lib64/samba-dc/python3.7/samba/netcmd/__init__.py", line 186, in _run
    return self.run(*args, **kwargs)
  File "/usr/lib64/samba-dc/python3.7/samba/netcmd/domain.py", line 708, in run
    backend_store_size=backend_store_size)
  File "/usr/lib64/samba-dc/python3.7/samba/join.py", line 1575, in join_DC
    ctx.do_join()
  File "/usr/lib64/samba-dc/python3.7/samba/join.py", line 1464, in do_join
    ctx.join_provision()
  File "/usr/lib64/samba-dc/python3.7/samba/join.py", line 907, in join_provision
    batch_mode=True)
  File "/usr/lib64/samba-dc/python3.7/samba/provision/__init__.py", line 2258, in provision
    sitename=sitename, rootdn=rootdn, domain_names_forced=(samdb_fill == FILL_DRS))
  File "/usr/lib64/samba-dc/python3.7/samba/provision/__init__.py", line 649, in guess_names
    raise ProvisioningError("guess_names: 'server role=%s' in %s must match chosen server role '%s'!  Please remove the smb.conf file and let provision generate it" % (lp.get("server role"), lp.configfile, serverrole))

[root@alt ~]# samba-tool domain join csm DC -Uadministrator@CSM --realm=csm
INFO 2020-12-08 15:07:07,709 pid:6124 /usr/lib64/samba-dc/python3.7/samba/join.py #107: Finding a writeable DC for domain 'csm'
INFO 2020-12-08 15:07:12,731 pid:6124 /usr/lib64/samba-dc/python3.7/samba/join.py #109: Found DC server-csm2.csm
Password for [administrator@CSM]:
INFO 2020-12-08 15:07:15,400 pid:6124 /usr/lib64/samba-dc/python3.7/samba/join.py #356: Reconnecting to naming master ac56efd4-e077-479f-8187-d36a1c7cd5bb._msdcs.csm
INFO 2020-12-08 15:07:15,431 pid:6124 /usr/lib64/samba-dc/python3.7/samba/join.py #363: DNS name of new naming master is server-csm.csm
INFO 2020-12-08 15:07:15,431 pid:6124 /usr/lib64/samba-dc/python3.7/samba/join.py #1559: workgroup is CSM
INFO 2020-12-08 15:07:15,431 pid:6124 /usr/lib64/samba-dc/python3.7/samba/join.py #1562: realm is csm
Adding CN=ALT,OU=Domain Controllers,DC=csm
Adding CN=ALT,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=csm
Adding CN=NTDS Settings,CN=ALT,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=csm
Adding SPNs to CN=ALT,OU=Domain Controllers,DC=csm
Setting account password for ALT$
Enabling account
Calling bare provision
INFO 2020-12-08 15:07:16,411 pid:6124 /usr/lib64/samba-dc/python3.7/samba/provision/__init__.py #2128: Looking up IPv4 addresses
INFO 2020-12-08 15:07:16,412 pid:6124 /usr/lib64/samba-dc/python3.7/samba/provision/__init__.py #2145: Looking up IPv6 addresses
WARNING 2020-12-08 15:07:16,413 pid:6124 /usr/lib64/samba-dc/python3.7/samba/provision/__init__.py #2152: No IPv6 address will be assigned
INFO 2020-12-08 15:07:16,998 pid:6124 /usr/lib64/samba-dc/python3.7/samba/provision/__init__.py #2319: Setting up share.ldb
INFO 2020-12-08 15:07:17,156 pid:6124 /usr/lib64/samba-dc/python3.7/samba/provision/__init__.py #2323: Setting up secrets.ldb
INFO 2020-12-08 15:07:17,220 pid:6124 /usr/lib64/samba-dc/python3.7/samba/provision/__init__.py #2329: Setting up the registry
INFO 2020-12-08 15:07:17,408 pid:6124 /usr/lib64/samba-dc/python3.7/samba/provision/__init__.py #2332: Setting up the privileges database
INFO 2020-12-08 15:07:17,506 pid:6124 /usr/lib64/samba-dc/python3.7/samba/provision/__init__.py #2335: Setting up idmap db
INFO 2020-12-08 15:07:17,588 pid:6124 /usr/lib64/samba-dc/python3.7/samba/provision/__init__.py #2342: Setting up SAM db
INFO 2020-12-08 15:07:17,608 pid:6124 /usr/lib64/samba-dc/python3.7/samba/provision/__init__.py #898: Setting up sam.ldb partitions and settings
INFO 2020-12-08 15:07:17,609 pid:6124 /usr/lib64/samba-dc/python3.7/samba/provision/__init__.py #910: Setting up sam.ldb rootDSE
INFO 2020-12-08 15:07:17,633 pid:6124 /usr/lib64/samba-dc/python3.7/samba/provision/__init__.py #1339: Pre-loading the Samba 4 and AD schema
Unable to determine the DomainSID, can not enforce uniqueness constraint on local domainSIDs

INFO 2020-12-08 15:07:17,782 pid:6124 /usr/lib64/samba-dc/python3.7/samba/provision/__init__.py #2395: A Kerberos configuration suitable for Samba AD has been generated at /var/lib/samba/private/krb5.conf
INFO 2020-12-08 15:07:17,784 pid:6124 /usr/lib64/samba-dc/python3.7/samba/provision/__init__.py #2396: Merge the contents of this file with your system krb5.conf or replace it with this one. Do not create a symlink!
Provision OK for domain DN DC=csm
Starting replication
Schema-DN[CN=Schema,CN=Configuration,DC=csm] objects[402/1210] linked_values[0/0]
Schema-DN[CN=Schema,CN=Configuration,DC=csm] objects[804/1210] linked_values[0/0]
Schema-DN[CN=Schema,CN=Configuration,DC=csm] objects[1206/1210] linked_values[0/0]
Schema-DN[CN=Schema,CN=Configuration,DC=csm] objects[1553/1210] linked_values[0/0]
Analyze and apply schema objects
Partition[CN=Configuration,DC=csm] objects[402/1895] linked_values[0/29]
Partition[CN=Configuration,DC=csm] objects[804/1895] linked_values[0/29]
Partition[CN=Configuration,DC=csm] objects[1206/1895] linked_values[0/29]
Partition[CN=Configuration,DC=csm] objects[1608/1895] linked_values[0/29]
Partition[CN=Configuration,DC=csm] objects[1777/1895] linked_values[29/29]
dsdb_replicated_objects_convert: Ignoring object outside partition d3f1856d-c4c8-4c12-90df-aa4955f65e6b CN=Schema,CN=Configuration,DC=csm: WERR_DS_ADD_REPLICA_INHIBITED
Replicating critical objects from the base DN of the domain
Partition[DC=csm] objects[102/213] linked_values[7/10]
Partition[DC=csm] objects[351/2123] linked_values[10/10]
dsdb_replicated_objects_convert: Ignoring object outside partition 5653bdc3-1e6e-451a-91ff-5c1ca7a6cb87 CN=Configuration,DC=csm: WERR_DS_ADD_REPLICA_INHIBITED
dsdb_replicated_objects_convert: Ignoring object outside partition f1426424-86dd-4652-8089-c2ef9a83f5cf DC=DomainDnsZones,DC=csm: WERR_DS_ADD_REPLICA_INHIBITED
dsdb_replicated_objects_convert: Ignoring object outside partition 942fe4d2-3666-4106-aaa1-52b2007b75d0 DC=ForestDnsZones,DC=csm: WERR_DS_ADD_REPLICA_INHIBITED
Failed to commit objects: DOS code 0x000021bf
Missing target object - retrying with DRS_GET_TGT
Partition[DC=csm] objects[700/2123] linked_values[20/10]
dsdb_replicated_objects_convert: Ignoring object outside partition 5653bdc3-1e6e-451a-91ff-5c1ca7a6cb87 CN=Configuration,DC=csm: WERR_DS_ADD_REPLICA_INHIBITED
dsdb_replicated_objects_convert: Ignoring object outside partition f1426424-86dd-4652-8089-c2ef9a83f5cf DC=DomainDnsZones,DC=csm: WERR_DS_ADD_REPLICA_INHIBITED
dsdb_replicated_objects_convert: Ignoring object outside partition 942fe4d2-3666-4106-aaa1-52b2007b75d0 DC=ForestDnsZones,DC=csm: WERR_DS_ADD_REPLICA_INHIBITED
Partition[DC=csm] objects[866/2123] linked_values[20/10]
Partition[DC=csm] objects[952/2123] linked_values[20/10]
Done with always replicated NC (base, config, schema)
Replicating DC=DomainDnsZones,DC=csm
Partition[DC=DomainDnsZones,DC=csm] objects[147/147] linked_values[0/0]
Replicating DC=ForestDnsZones,DC=csm
Partition[DC=ForestDnsZones,DC=csm] objects[8/8] linked_values[0/0]
Exop on[CN=RID Manager$,CN=System,DC=csm] objects[3] linked_values[0]
Committing SAM database
Repacking database from v1 to v2 format (first record CN=Groups-to-Ignore,CN=Schema,CN=Configuration,DC=csm)
Repack: re-packed 10000 records so far
Repacking database from v1 to v2 format (first record CN=4c0672a2-437c-4944-b953-5db8f111d665,CN=Operations,CN=ForestUpdates,CN=Configuration,DC=csm)
Repacking database from v1 to v2 format (first record DC=priemka7\0ADEL:38e1677b-a960-4e02-98d8-3c2aafd6a57b,CN=Deleted Objects,DC=DomainDnsZones,DC=csm)
Repacking database from v1 to v2 format (first record DC=..TrustAnchors,CN=MicrosoftDNS,DC=ForestDnsZones,DC=csm)
Repacking database from v1 to v2 format (first record CN=TEPLOTEH11,CN=Computers,DC=csm)
INFO 2020-12-08 15:07:40,450 pid:6124 /usr/lib64/samba-dc/python3.7/samba/join.py #1133: Adding 1 remote DNS records for ALT.csm
INFO 2020-12-08 15:07:40,568 pid:6124 /usr/lib64/samba-dc/python3.7/samba/join.py #1196: Adding DNS A record ALT.csm for IPv4 IP: 192.168.64.101
INFO 2020-12-08 15:07:40,589 pid:6124 /usr/lib64/samba-dc/python3.7/samba/join.py #1224: Adding DNS CNAME record 22e9f252-e4b1-4fe2-8220-1bb2035996ea._msdcs.csm for ALT.csm
Join failed - cleaning up
Deleted CN=RID Set,CN=ALT,OU=Domain Controllers,DC=csm
Deleted CN=ALT,OU=Domain Controllers,DC=csm
Deleted CN=NTDS Settings,CN=ALT,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=csm
Deleted CN=ALT,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=csm
Deleted DC=ALT,DC=csm,CN=MicrosoftDNS,DC=DomainDnsZones,DC=csm
ERROR(runtime): uncaught exception - (9601, 'WERR_DNS_ERROR_ZONE_DOES_NOT_EXIST')
  File "/usr/lib64/samba-dc/python3.7/samba/netcmd/__init__.py", line 186, in _run
    return self.run(*args, **kwargs)
  File "/usr/lib64/samba-dc/python3.7/samba/netcmd/domain.py", line 708, in run
    backend_store_size=backend_store_size)
  File "/usr/lib64/samba-dc/python3.7/samba/join.py", line 1575, in join_DC
    ctx.do_join()
  File "/usr/lib64/samba-dc/python3.7/samba/join.py", line 1472, in do_join
    ctx.join_add_dns_records()
  File "/usr/lib64/samba-dc/python3.7/samba/join.py", line 1235, in join_add_dns_records
    None)
[root@alt ~]#
« Последнее редактирование: 25.01.2021 09:16:14 от sb »

Оффлайн Skull

  • Глобальный модератор
  • *****
  • Сообщений: 19 908
    • Домашняя страница
    • Email
Re: Проблема с подключением к домену
« Ответ #1 : 25.01.2021 10:18:08 »
WERR_DNS_ERROR_ZONE_DOES_NOT_EXIST
Андрей Черепанов (cas@)

Оффлайн NoisyBoy

  • Начинающий
  • *
  • Сообщений: 2
    • Email
Re: Проблема с подключением к домену
« Ответ #2 : 25.01.2021 10:31:07 »
Это я и сам прочитал:-)
Вопрос из за чего это сообщение может выдавать