Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss
[Samba] Problem joining some computers to domain with samba4
600 views
Skip to first unread message
Javier Amor Garcia
Jul 29, 2015, 1:10:03 PM7/29/15
to
Hello all,
I have a client which has a windows XP which cannot join the domain.
Other computes are joined and working normally.
I have raised the log level to 8 but I don't see (or I am unable to see)
any error.
In Windows XP I receive a 'Internal error' and I have a 'Unable to bind
to DS' in windows NetSetup.log.
I have no idea of what is going on. Can someone give me a pointer?
Here is the full NetSetup.log for the join operation:
7/29 13:16:54 NetpDoDomainJoin
07/29 13:16:54 NetpMachineValidToJoin: 'COMPUTER5'
07/29 13:16:54 NetpGetLsaPrimaryDomain: status: 0x0
07/29 13:16:54 NetpMachineValidToJoin: status: 0x0
07/29 13:16:54 NetpJoinDomain
07/29 13:16:54 Machine: COMPUTER5
07/29 13:16:54 Domain: domain.local
07/29 13:16:54 MachineAccountOU: (NULL)
07/29 13:16:54 Account: domain.local\test11
07/29 13:16:54 Options: 0x27
07/29 13:16:54 OS Version: 5.1
07/29 13:16:54 Build number: 2600
07/29 13:16:54 ServicePack: Service Pack 2
07/29 13:16:54 NetpValidateName: checking to see if 'domain.local' is
valid as type 3 name
07/29 13:16:54 NetpCheckDomainNameIsValid [ Exists ] for 'domain.local'
returned 0x0
07/29 13:16:54 NetpValidateName: name 'domain.local' is valid for type 3
07/29 13:16:54 NetpDsGetDcName: trying to find DC in domain
'domain.local', flags: 0x1020
07/29 13:16:54 NetpDsGetDcName: found DC '\\server-central.domain.local'
in the specified domain
07/29 13:16:54 NetpJoinDomain: status of connecting to dc
'\\server-central.domain.local': 0x0
07/29 13:16:55 NetpGetLsaPrimaryDomain: status: 0x0
07/29 13:16:55 NetpGetDnsHostName: Read NV Hostname: tec-rodolfo
07/29 13:16:55 NetpGetDnsHostName: PrimaryDnsSuffix defaulted to DNS
domain name: domain.local
07/29 13:16:55 NetpLsaOpenSecret: status: 0xc0000034
07/29 13:16:55 NetpGetLsaPrimaryDomain: status: 0x0
07/29 13:16:55 NetpLsaOpenSecret: status: 0xc0000034
07/29 13:16:55 NetpManageMachineAccountWithSid: NetUserAdd on
'\\server-central.domain.local' for 'COMPUTER5$' failed: 0x8b0
07/29 13:16:55 NetpManageMachineAccountWithSid: status of attempting to
set password on '\\server-central.domain.local' for 'COMPUTER5$': 0x0
07/29 13:16:55 NetpJoinDomain: status of creating account: 0x0
07/29 13:16:55 NetpGetComputerObjectDn: Unable to bind to DS on
'\\server-central.domain.local': 0x54f
07/29 13:16:55 NetpSetDnsHostNameAndSpn: NetpGetComputerObjectDn failed:
0x54f
07/29 13:16:55 ldap_unbind status: 0x0
07/29 13:16:55 NetpJoinDomain: status of setting DnsHostName and SPN: 0x54f
07/29 13:16:55 NetpJoinDomain: initiaing a rollback due to earlier errors
07/29 13:16:55 NetpGetLsaPrimaryDomain: status: 0x0
07/29 13:16:55 NetpManageMachineAccountWithSid: status of disabling
account 'COMPUTER5$' on '\\server-central.domain.local': 0x0
07/29 13:16:55 NetpJoinDomain: rollback: status of deleting computer
account: 0x0
07/29 13:16:55 NetpLsaOpenSecret: status: 0x0
07/29 13:16:55 NetpJoinDomain: rollback: status of deleting secret: 0x0
07/29 13:16:55 NetpJoinDomain: status of disconnecting from
'\\server-central.domain.local': 0x0
07/29 13:16:55 NetpDoDomainJoin: status: 0x54f
-------------
I have no idea wa
--
Javier Amor García - Developer
Zentyal - Active Exchange - www.zentyal.com
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
I have a client which has a windows XP which cannot join the domain.
Other computes are joined and working normally.
I have raised the log level to 8 but I don't see (or I am unable to see)
any error.
In Windows XP I receive a 'Internal error' and I have a 'Unable to bind
to DS' in windows NetSetup.log.
I have no idea of what is going on. Can someone give me a pointer?
Here is the full NetSetup.log for the join operation:
7/29 13:16:54 NetpDoDomainJoin
07/29 13:16:54 NetpMachineValidToJoin: 'COMPUTER5'
07/29 13:16:54 NetpGetLsaPrimaryDomain: status: 0x0
07/29 13:16:54 NetpMachineValidToJoin: status: 0x0
07/29 13:16:54 NetpJoinDomain
07/29 13:16:54 Machine: COMPUTER5
07/29 13:16:54 Domain: domain.local
07/29 13:16:54 MachineAccountOU: (NULL)
07/29 13:16:54 Account: domain.local\test11
07/29 13:16:54 Options: 0x27
07/29 13:16:54 OS Version: 5.1
07/29 13:16:54 Build number: 2600
07/29 13:16:54 ServicePack: Service Pack 2
07/29 13:16:54 NetpValidateName: checking to see if 'domain.local' is
valid as type 3 name
07/29 13:16:54 NetpCheckDomainNameIsValid [ Exists ] for 'domain.local'
returned 0x0
07/29 13:16:54 NetpValidateName: name 'domain.local' is valid for type 3
07/29 13:16:54 NetpDsGetDcName: trying to find DC in domain
'domain.local', flags: 0x1020
07/29 13:16:54 NetpDsGetDcName: found DC '\\server-central.domain.local'
in the specified domain
07/29 13:16:54 NetpJoinDomain: status of connecting to dc
'\\server-central.domain.local': 0x0
07/29 13:16:55 NetpGetLsaPrimaryDomain: status: 0x0
07/29 13:16:55 NetpGetDnsHostName: Read NV Hostname: tec-rodolfo
07/29 13:16:55 NetpGetDnsHostName: PrimaryDnsSuffix defaulted to DNS
domain name: domain.local
07/29 13:16:55 NetpLsaOpenSecret: status: 0xc0000034
07/29 13:16:55 NetpGetLsaPrimaryDomain: status: 0x0
07/29 13:16:55 NetpLsaOpenSecret: status: 0xc0000034
07/29 13:16:55 NetpManageMachineAccountWithSid: NetUserAdd on
'\\server-central.domain.local' for 'COMPUTER5$' failed: 0x8b0
07/29 13:16:55 NetpManageMachineAccountWithSid: status of attempting to
set password on '\\server-central.domain.local' for 'COMPUTER5$': 0x0
07/29 13:16:55 NetpJoinDomain: status of creating account: 0x0
07/29 13:16:55 NetpGetComputerObjectDn: Unable to bind to DS on
'\\server-central.domain.local': 0x54f
07/29 13:16:55 NetpSetDnsHostNameAndSpn: NetpGetComputerObjectDn failed:
0x54f
07/29 13:16:55 ldap_unbind status: 0x0
07/29 13:16:55 NetpJoinDomain: status of setting DnsHostName and SPN: 0x54f
07/29 13:16:55 NetpJoinDomain: initiaing a rollback due to earlier errors
07/29 13:16:55 NetpGetLsaPrimaryDomain: status: 0x0
07/29 13:16:55 NetpManageMachineAccountWithSid: status of disabling
account 'COMPUTER5$' on '\\server-central.domain.local': 0x0
07/29 13:16:55 NetpJoinDomain: rollback: status of deleting computer
account: 0x0
07/29 13:16:55 NetpLsaOpenSecret: status: 0x0
07/29 13:16:55 NetpJoinDomain: rollback: status of deleting secret: 0x0
07/29 13:16:55 NetpJoinDomain: status of disconnecting from
'\\server-central.domain.local': 0x0
07/29 13:16:55 NetpDoDomainJoin: status: 0x54f
-------------
I have no idea wa
--
Javier Amor García - Developer
Zentyal - Active Exchange - www.zentyal.com
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
Rowland Penny
Jul 29, 2015, 1:30:03 PM7/29/15
to
Rowland
Javier Amor Garcia
Jul 30, 2015, 9:50:04 AM7/30/15
to
I added accept input and output rules for the windows xp addresses so I
pretty sure this is not the problem.
Anyway if it was a connectivity problem, it should have fail earlier in
the process.
>
> Firewall ?
>
> Rowland
pretty sure this is not the problem.
Anyway if it was a connectivity problem, it should have fail earlier in
the process.
>
> Firewall ?
>
> Rowland
Rowland Penny
Jul 30, 2015, 10:20:02 AM7/30/15
to
On 30/07/15 14:44, Javier Amor Garcia wrote:
> I added accept input and output rules for the windows xp addresses so
> I pretty sure this is not the problem.
> Anyway if it was a connectivity problem, it should have fail earlier
> in the process.
Not necessarily, it may be able to connect to some ports, but not all
> I added accept input and output rules for the windows xp addresses so
> I pretty sure this is not the problem.
> Anyway if it was a connectivity problem, it should have fail earlier
> in the process.
that are required and is failing when it cannot connect to a closed
port. Best way I have found to start debugging this, turn off the
firewall on the client and see if this fixes the problem, if it does, it
is a firewall problem and then you need to find out what ports are
blocked, if it doesn't fix it, then it isn't the firewall :-)
Rowland
>
>>
>> Firewall ?
>>
>> Rowland
0 new messages