samba-tool domain join intranet.example.com DC -Uadministrator --realm=INTRANET.example.COM -d 3 --site=Standardname-des-ersten-Standorts --dns-backend=SAMBA_INTERNAL


lpcfg_load: refreshing parameters from /etc/samba/smb.conf
GENSEC backend 'gssapi_spnego' registered
GENSEC backend 'gssapi_krb5' registered
GENSEC backend 'gssapi_krb5_sasl' registered
GENSEC backend 'spnego' registered
GENSEC backend 'schannel' registered
GENSEC backend 'naclrpc_as_system' registered
GENSEC backend 'sasl-EXTERNAL' registered
GENSEC backend 'ntlmssp' registered
GENSEC backend 'ntlmssp_resume_ccache' registered
GENSEC backend 'http_basic' registered
GENSEC backend 'http_ntlm' registered
GENSEC backend 'krb5' registered
GENSEC backend 'fake_gssapi_krb5' registered
interpret_interface: using netmask value 24 from config file on interface eno1
interpret_interface: using netmask value 24 from config file on interface eno1
interpret_interface: using netmask value 24 from config file on interface eno1
interpret_interface: using netmask value 24 from config file on interface eno1
Finding a writeable DC for domain 'intranet.example.com'
interpret_interface: using netmask value 24 from config file on interface eno1
interpret_interface: using netmask value 24 from config file on interface eno1
resolve_lmhosts: Attempting lmhosts lookup for name _ldap._tcp.intranet.example.com<0x0>
Found DC hauptserver.intranet.example.com
interpret_interface: using netmask value 24 from config file on interface eno1
interpret_interface: using netmask value 24 from config file on interface eno1
resolve_lmhosts: Attempting lmhosts lookup for name hauptserver.intranet.example.com<0x20>
Password for [INTRANET\administrator]:
Password for [INTRANET\administrator]:
workgroup is INTRANET
realm is intranet.example.com
Adding CN=HAUPTSERVER2,OU=Domain Controllers,DC=intranet,DC=example,DC=com
Adding CN=HAUPTSERVER2,CN=Servers,CN=Standardname-des-ersten-Standorts,CN=Sites,CN=Configuration,DC=intranet,DC=example,DC=com
Adding CN=NTDS Settings,CN=HAUPTSERVER2,CN=Servers,CN=Standardname-des-ersten-Standorts,CN=Sites,CN=Configuration,DC=intranet,DC=example,DC=com
Using binding ncacn_ip_tcp:hauptserver.intranet.example.com[,seal]
interpret_interface: using netmask value 24 from config file on interface eno1
interpret_interface: using netmask value 24 from config file on interface eno1
resolve_lmhosts: Attempting lmhosts lookup for name hauptserver.intranet.example.com<0x20>
interpret_interface: using netmask value 24 from config file on interface eno1
interpret_interface: using netmask value 24 from config file on interface eno1
resolve_lmhosts: Attempting lmhosts lookup for name hauptserver.intranet.example.com<0x20>
Adding SPNs to CN=HAUPTSERVER2,OU=Domain Controllers,DC=intranet,DC=example,DC=com
Setting account password for HAUPTSERVER2$
Enabling account
Calling bare provision
lpcfg_load: refreshing parameters from /etc/samba/smb.conf
Looking up IPv4 addresses
interpret_interface: using netmask value 24 from config file on interface eno1
Looking up IPv6 addresses
interpret_interface: using netmask value 24 from config file on interface eno1
No IPv6 address will be assigned
Setting up secrets.ldb
Setting up the registry
ldb_wrap open of hklm.ldb
Setting up the privileges database
Setting up idmap db
Setting up SAM db
Setting up sam.ldb partitions and settings
Setting up sam.ldb rootDSE
Pre-loading the Samba 4 and AD schema
partition_metadata: Migrating partition metadata: open of metadata.tdb gave: (null)
A Kerberos configuration suitable for Samba AD has been generated at /var/lib/samba/private/krb5.conf
Provision OK for domain DN DC=intranet,DC=example,DC=com
Starting replication
Using binding ncacn_ip_tcp:hauptserver.intranet.example.com[,seal]
interpret_interface: using netmask value 24 from config file on interface eno1
interpret_interface: using netmask value 24 from config file on interface eno1
resolve_lmhosts: Attempting lmhosts lookup for name hauptserver.intranet.example.com<0x20>
interpret_interface: using netmask value 24 from config file on interface eno1
interpret_interface: using netmask value 24 from config file on interface eno1
resolve_lmhosts: Attempting lmhosts lookup for name hauptserver.intranet.example.com<0x20>
interpret_interface: using netmask value 24 from config file on interface eno1
interpret_interface: using netmask value 24 from config file on interface eno1
Schema-DN[CN=Schema,CN=Configuration,DC=intranet,DC=example,DC=com] objects[402/1102] linked_values[0/0]
Schema-DN[CN=Schema,CN=Configuration,DC=intranet,DC=example,DC=com] objects[804/1102] linked_values[0/0]
Schema-DN[CN=Schema,CN=Configuration,DC=intranet,DC=example,DC=com] objects[1206/1102] linked_values[0/0]
Schema-DN[CN=Schema,CN=Configuration,DC=intranet,DC=example,DC=com] objects[1282/1102] linked_values[0/0]
Analyze and apply schema objects
Discarding older DRS attribute update to objectClass on CN=Schema,CN=Configuration,DC=intranet,DC=example,DC=com from 9ea644a4-4ca7-4ee3-ad34-46745d5f2d12
Discarding older DRS attribute update to whenCreated on CN=Schema,CN=Configuration,DC=intranet,DC=example,DC=com from 9ea644a4-4ca7-4ee3-ad34-46745d5f2d12
Discarding older DRS attribute update to dSASignature on CN=Schema,CN=Configuration,DC=intranet,DC=example,DC=com from 319c966d-a07c-430b-86ec-57c26697227d
Discarding older DRS attribute update to objectVersion on CN=Schema,CN=Configuration,DC=intranet,DC=example,DC=com from 9ea644a4-4ca7-4ee3-ad34-46745d5f2d12
Discarding older DRS attribute update to showInAdvancedViewOnly on CN=Schema,CN=Configuration,DC=intranet,DC=example,DC=com from 9ea644a4-4ca7-4ee3-ad34-46745d5f2d12
Discarding older DRS attribute update to nTSecurityDescriptor on CN=Schema,CN=Configuration,DC=intranet,DC=example,DC=com from 9ea644a4-4ca7-4ee3-ad34-46745d5f2d12
Discarding older DRS attribute update to name on CN=Schema,CN=Configuration,DC=intranet,DC=example,DC=com from 9ea644a4-4ca7-4ee3-ad34-46745d5f2d12
Discarding older DRS attribute update to fSMORoleOwner on CN=Schema,CN=Configuration,DC=intranet,DC=example,DC=com from 9ea644a4-4ca7-4ee3-ad34-46745d5f2d12
Discarding older DRS attribute update to objectCategory on CN=Schema,CN=Configuration,DC=intranet,DC=example,DC=com from 9ea644a4-4ca7-4ee3-ad34-46745d5f2d12
Discarding older DRS attribute update to schemaInfo on CN=Schema,CN=Configuration,DC=intranet,DC=example,DC=com from 319c966d-a07c-430b-86ec-57c26697227d
Discarding older DRS attribute update to objectClass on CN=Schema,CN=Configuration,DC=intranet,DC=example,DC=com from 9ea644a4-4ca7-4ee3-ad34-46745d5f2d12
Discarding older DRS attribute update to whenCreated on CN=Schema,CN=Configuration,DC=intranet,DC=example,DC=com from 9ea644a4-4ca7-4ee3-ad34-46745d5f2d12
Discarding older DRS attribute update to dSASignature on CN=Schema,CN=Configuration,DC=intranet,DC=example,DC=com from 319c966d-a07c-430b-86ec-57c26697227d
Discarding older DRS attribute update to objectVersion on CN=Schema,CN=Configuration,DC=intranet,DC=example,DC=com from 9ea644a4-4ca7-4ee3-ad34-46745d5f2d12
Discarding older DRS attribute update to showInAdvancedViewOnly on CN=Schema,CN=Configuration,DC=intranet,DC=example,DC=com from 9ea644a4-4ca7-4ee3-ad34-46745d5f2d12
Discarding older DRS attribute update to nTSecurityDescriptor on CN=Schema,CN=Configuration,DC=intranet,DC=example,DC=com from 9ea644a4-4ca7-4ee3-ad34-46745d5f2d12
Discarding older DRS attribute update to name on CN=Schema,CN=Configuration,DC=intranet,DC=example,DC=com from 9ea644a4-4ca7-4ee3-ad34-46745d5f2d12
Discarding older DRS attribute update to fSMORoleOwner on CN=Schema,CN=Configuration,DC=intranet,DC=example,DC=com from 9ea644a4-4ca7-4ee3-ad34-46745d5f2d12
Discarding older DRS attribute update to objectCategory on CN=Schema,CN=Configuration,DC=intranet,DC=example,DC=com from 9ea644a4-4ca7-4ee3-ad34-46745d5f2d12
Discarding older DRS attribute update to schemaInfo on CN=Schema,CN=Configuration,DC=intranet,DC=example,DC=com from 319c966d-a07c-430b-86ec-57c26697227d
Discarding older DRS attribute update to objectClass on CN=Schema,CN=Configuration,DC=intranet,DC=example,DC=com from 9ea644a4-4ca7-4ee3-ad34-46745d5f2d12
Discarding older DRS attribute update to whenCreated on CN=Schema,CN=Configuration,DC=intranet,DC=example,DC=com from 9ea644a4-4ca7-4ee3-ad34-46745d5f2d12
Discarding older DRS attribute update to dSASignature on CN=Schema,CN=Configuration,DC=intranet,DC=example,DC=com from 319c966d-a07c-430b-86ec-57c26697227d
Discarding older DRS attribute update to objectVersion on CN=Schema,CN=Configuration,DC=intranet,DC=example,DC=com from 9ea644a4-4ca7-4ee3-ad34-46745d5f2d12
Discarding older DRS attribute update to showInAdvancedViewOnly on CN=Schema,CN=Configuration,DC=intranet,DC=example,DC=com from 9ea644a4-4ca7-4ee3-ad34-46745d5f2d12
Discarding older DRS attribute update to nTSecurityDescriptor on CN=Schema,CN=Configuration,DC=intranet,DC=example,DC=com from 9ea644a4-4ca7-4ee3-ad34-46745d5f2d12
Discarding older DRS attribute update to name on CN=Schema,CN=Configuration,DC=intranet,DC=example,DC=com from 9ea644a4-4ca7-4ee3-ad34-46745d5f2d12
Discarding older DRS attribute update to fSMORoleOwner on CN=Schema,CN=Configuration,DC=intranet,DC=example,DC=com from 9ea644a4-4ca7-4ee3-ad34-46745d5f2d12
Discarding older DRS attribute update to objectCategory on CN=Schema,CN=Configuration,DC=intranet,DC=example,DC=com from 9ea644a4-4ca7-4ee3-ad34-46745d5f2d12
Discarding older DRS attribute update to schemaInfo on CN=Schema,CN=Configuration,DC=intranet,DC=example,DC=com from 319c966d-a07c-430b-86ec-57c26697227d
Replicated 1282 objects (0 linked attributes) for CN=Schema,CN=Configuration,DC=intranet,DC=example,DC=com
Partition[CN=Configuration,DC=intranet,DC=example,DC=com] objects[402/2546] linked_values[0/18]
Replicated 402 objects (0 linked attributes) for CN=Configuration,DC=intranet,DC=example,DC=com
Partition[CN=Configuration,DC=intranet,DC=example,DC=com] objects[804/2546] linked_values[0/18]
Replicated 402 objects (0 linked attributes) for CN=Configuration,DC=intranet,DC=example,DC=com
Partition[CN=Configuration,DC=intranet,DC=example,DC=com] objects[1206/2546] linked_values[0/18]
Replicated 402 objects (0 linked attributes) for CN=Configuration,DC=intranet,DC=example,DC=com
Partition[CN=Configuration,DC=intranet,DC=example,DC=com] objects[1605/2546] linked_values[18/18]
Replicated 398 objects (18 linked attributes) for CN=Configuration,DC=intranet,DC=example,DC=com
Replicating critical objects from the base DN of the domain
Partition[DC=intranet,DC=example,DC=com] objects[93/181] linked_values[0/0]
Replicated 93 objects (0 linked attributes) for DC=intranet,DC=example,DC=com
Partition[DC=intranet,DC=example,DC=com] objects[384/1545] linked_values[0/0]
Replicated 291 objects (0 linked attributes) for DC=intranet,DC=example,DC=com
Partition[DC=intranet,DC=example,DC=com] objects[566/1545] linked_values[0/0]
Replicated 179 objects (0 linked attributes) for DC=intranet,DC=example,DC=com
Partition[DC=intranet,DC=example,DC=com] objects[617/1545] linked_values[0/0]
Replicated 51 objects (0 linked attributes) for DC=intranet,DC=example,DC=com
Done with always replicated NC (base, config, schema)
Replicating DC=DomainDnsZones,DC=intranet,DC=example,DC=com
Partition[DC=DomainDnsZones,DC=intranet,DC=example,DC=com] objects[126/126] linked_values[0/0]
Replicated 126 objects (0 linked attributes) for DC=DomainDnsZones,DC=intranet,DC=example,DC=com
Replicating DC=ForestDnsZones,DC=intranet,DC=example,DC=com
Partition[DC=ForestDnsZones,DC=intranet,DC=example,DC=com] objects[52/177] linked_values[0/0]
Replicated 52 objects (0 linked attributes) for DC=ForestDnsZones,DC=intranet,DC=example,DC=com
Exop on[CN=RID Manager$,CN=System,DC=intranet,DC=example,DC=com] objects[3] linked_values[0]
Discarding older DRS attribute update to objectClass on CN=RID Manager$,CN=System,DC=intranet,DC=example,DC=com from 9ea644a4-4ca7-4ee3-ad34-46745d5f2d12
Discarding older DRS attribute update to whenCreated on CN=RID Manager$,CN=System,DC=intranet,DC=example,DC=com from 9ea644a4-4ca7-4ee3-ad34-46745d5f2d12
Discarding older DRS attribute update to showInAdvancedViewOnly on CN=RID Manager$,CN=System,DC=intranet,DC=example,DC=com from 9ea644a4-4ca7-4ee3-ad34-46745d5f2d12
Discarding older DRS attribute update to nTSecurityDescriptor on CN=RID Manager$,CN=System,DC=intranet,DC=example,DC=com from 9ea644a4-4ca7-4ee3-ad34-46745d5f2d12
Discarding older DRS attribute update to name on CN=RID Manager$,CN=System,DC=intranet,DC=example,DC=com from 9ea644a4-4ca7-4ee3-ad34-46745d5f2d12
Discarding older DRS attribute update to fSMORoleOwner on CN=RID Manager$,CN=System,DC=intranet,DC=example,DC=com from 9ea644a4-4ca7-4ee3-ad34-46745d5f2d12
Discarding older DRS attribute update to systemFlags on CN=RID Manager$,CN=System,DC=intranet,DC=example,DC=com from 9ea644a4-4ca7-4ee3-ad34-46745d5f2d12
Discarding older DRS attribute update to objectCategory on CN=RID Manager$,CN=System,DC=intranet,DC=example,DC=com from 9ea644a4-4ca7-4ee3-ad34-46745d5f2d12
Discarding older DRS attribute update to isCriticalSystemObject on CN=RID Manager$,CN=System,DC=intranet,DC=example,DC=com from 9ea644a4-4ca7-4ee3-ad34-46745d5f2d12
Discarding older DRS attribute update to objectClass on CN=HAUPTSERVER2,OU=Domain Controllers,DC=intranet,DC=example,DC=com from 319c966d-a07c-430b-86ec-57c26697227d
Discarding older DRS attribute update to whenCreated on CN=HAUPTSERVER2,OU=Domain Controllers,DC=intranet,DC=example,DC=com from 319c966d-a07c-430b-86ec-57c26697227d
Discarding older DRS attribute update to displayName on CN=HAUPTSERVER2,OU=Domain Controllers,DC=intranet,DC=example,DC=com from 319c966d-a07c-430b-86ec-57c26697227d
Discarding older DRS attribute update to nTSecurityDescriptor on CN=HAUPTSERVER2,OU=Domain Controllers,DC=intranet,DC=example,DC=com from 319c966d-a07c-430b-86ec-57c26697227d
Discarding older DRS attribute update to name on CN=HAUPTSERVER2,OU=Domain Controllers,DC=intranet,DC=example,DC=com from 319c966d-a07c-430b-86ec-57c26697227d
Discarding older DRS attribute update to userAccountControl on CN=HAUPTSERVER2,OU=Domain Controllers,DC=intranet,DC=example,DC=com from 319c966d-a07c-430b-86ec-57c26697227d
Discarding older DRS attribute update to codePage on CN=HAUPTSERVER2,OU=Domain Controllers,DC=intranet,DC=example,DC=com from 319c966d-a07c-430b-86ec-57c26697227d
Discarding older DRS attribute update to countryCode on CN=HAUPTSERVER2,OU=Domain Controllers,DC=intranet,DC=example,DC=com from 319c966d-a07c-430b-86ec-57c26697227d
Discarding older DRS attribute update to dBCSPwd on CN=HAUPTSERVER2,OU=Domain Controllers,DC=intranet,DC=example,DC=com from 319c966d-a07c-430b-86ec-57c26697227d
Discarding older DRS attribute update to localPolicyFlags on CN=HAUPTSERVER2,OU=Domain Controllers,DC=intranet,DC=example,DC=com from 319c966d-a07c-430b-86ec-57c26697227d
Discarding older DRS attribute update to logonHours on CN=HAUPTSERVER2,OU=Domain Controllers,DC=intranet,DC=example,DC=com from 319c966d-a07c-430b-86ec-57c26697227d
Discarding older DRS attribute update to unicodePwd on CN=HAUPTSERVER2,OU=Domain Controllers,DC=intranet,DC=example,DC=com from 319c966d-a07c-430b-86ec-57c26697227d
Discarding older DRS attribute update to ntPwdHistory on CN=HAUPTSERVER2,OU=Domain Controllers,DC=intranet,DC=example,DC=com from 319c966d-a07c-430b-86ec-57c26697227d
Discarding older DRS attribute update to pwdLastSet on CN=HAUPTSERVER2,OU=Domain Controllers,DC=intranet,DC=example,DC=com from 319c966d-a07c-430b-86ec-57c26697227d
Discarding older DRS attribute update to primaryGroupID on CN=HAUPTSERVER2,OU=Domain Controllers,DC=intranet,DC=example,DC=com from 319c966d-a07c-430b-86ec-57c26697227d
Discarding older DRS attribute update to supplementalCredentials on CN=HAUPTSERVER2,OU=Domain Controllers,DC=intranet,DC=example,DC=com from 319c966d-a07c-430b-86ec-57c26697227d
Discarding older DRS attribute update to objectSid on CN=HAUPTSERVER2,OU=Domain Controllers,DC=intranet,DC=example,DC=com from 319c966d-a07c-430b-86ec-57c26697227d
Discarding older DRS attribute update to accountExpires on CN=HAUPTSERVER2,OU=Domain Controllers,DC=intranet,DC=example,DC=com from 319c966d-a07c-430b-86ec-57c26697227d
Discarding older DRS attribute update to lmPwdHistory on CN=HAUPTSERVER2,OU=Domain Controllers,DC=intranet,DC=example,DC=com from 319c966d-a07c-430b-86ec-57c26697227d
Discarding older DRS attribute update to sAMAccountName on CN=HAUPTSERVER2,OU=Domain Controllers,DC=intranet,DC=example,DC=com from 319c966d-a07c-430b-86ec-57c26697227d
Discarding older DRS attribute update to sAMAccountType on CN=HAUPTSERVER2,OU=Domain Controllers,DC=intranet,DC=example,DC=com from 319c966d-a07c-430b-86ec-57c26697227d
Discarding older DRS attribute update to dNSHostName on CN=HAUPTSERVER2,OU=Domain Controllers,DC=intranet,DC=example,DC=com from 319c966d-a07c-430b-86ec-57c26697227d
Discarding older DRS attribute update to servicePrincipalName on CN=HAUPTSERVER2,OU=Domain Controllers,DC=intranet,DC=example,DC=com from 319c966d-a07c-430b-86ec-57c26697227d
Discarding older DRS attribute update to objectCategory on CN=HAUPTSERVER2,OU=Domain Controllers,DC=intranet,DC=example,DC=com from 319c966d-a07c-430b-86ec-57c26697227d
Discarding older DRS attribute update to isCriticalSystemObject on CN=HAUPTSERVER2,OU=Domain Controllers,DC=intranet,DC=example,DC=com from 319c966d-a07c-430b-86ec-57c26697227d
Replicated 3 objects (0 linked attributes) for DC=intranet,DC=example,DC=com
Committing SAM database
interpret_interface: using netmask value 24 from config file on interface eno1
Adding 1 remote DNS records for HAUPTSERVER2.intranet.example.com
Using binding ncacn_ip_tcp:hauptserver.intranet.example.com[,sign]
interpret_interface: using netmask value 24 from config file on interface eno1
interpret_interface: using netmask value 24 from config file on interface eno1
resolve_lmhosts: Attempting lmhosts lookup for name hauptserver.intranet.example.com<0x20>
interpret_interface: using netmask value 24 from config file on interface eno1
interpret_interface: using netmask value 24 from config file on interface eno1
resolve_lmhosts: Attempting lmhosts lookup for name hauptserver.intranet.example.com<0x20>
Adding DNS A record HAUPTSERVER2.intranet.example.com for IPv4 IP: 192.168.17.2
Join failed - cleaning up
ldb_wrap open of secrets.ldb
Could not find machine account in secrets database: Failed to fetch machine account password for INTRANET from both secrets.ldb (Could not find entry to match filter: '(&(flatname=INTRANET)(objectclass=primaryDomain))' base: 'cn=Primary Domains': No such object: dsdb_search at ../source4/dsdb/common/util.c:4636) and from /var/lib/samba/private/secrets.tdb: NT_STATUS_CANT_ACCESS_DOMAIN_INFO
Deleted CN=RID Set,CN=HAUPTSERVER2,OU=Domain Controllers,DC=intranet,DC=example,DC=com
Deleted CN=HAUPTSERVER2,OU=Domain Controllers,DC=intranet,DC=example,DC=com
Deleted CN=NTDS Settings,CN=HAUPTSERVER2,CN=Servers,CN=Standardname-des-ersten-Standorts,CN=Sites,CN=Configuration,DC=intranet,DC=example,DC=com
Deleted CN=HAUPTSERVER2,CN=Servers,CN=Standardname-des-ersten-Standorts,CN=Sites,CN=Configuration,DC=intranet,DC=example,DC=com
ERROR(runtime): uncaught exception - (9003, 'WERR_DNS_ERROR_RCODE_NAME_ERROR')
  File "/usr/lib64/python2.7/site-packages/samba/netcmd/__init__.py", line 176, in _run
    return self.run(*args, **kwargs)
  File "/usr/lib64/python2.7/site-packages/samba/netcmd/domain.py", line 661, in run
    machinepass=machinepass, use_ntvfs=use_ntvfs, dns_backend=dns_backend)
  File "/usr/lib64/python2.7/site-packages/samba/join.py", line 1474, in join_DC
    ctx.do_join()
  File "/usr/lib64/python2.7/site-packages/samba/join.py", line 1384, in do_join
    ctx.join_add_dns_records()
  File "/usr/lib64/python2.7/site-packages/samba/join.py", line 1116, in join_add_dns_records
    dns_partition=domaindns_zone_dn)
  File "/usr/lib64/python2.7/site-packages/samba/samdb.py", line 939, in dns_lookup
    dns_partition=dns_partition)