samba-tool reports the following error when creating a trust between Samba 4.18.2 Active Directory and Microsoft Active Directory:
samba-tool domain trust create infra.local --type=forest --direction=both --create-location=local --skip-validation --ipaddress=<PDC_IP_Address> --firstname.lastname@example.org --password=Password
LocalDomain Netbios[SAMDOM] DNS[samdom.internal] SID[S-1-5-21-xxxxx]
RemoteDC Netbios[ADDS01] DNS[ADDS01.infra.local]
RemoteDomain Netbios[INFRA] DNS[infra.local] SID[S-1-5-21-xxxxx]
Creating local TDO.
Local TDO created
Setting supported encryption types on local TDO.
ERROR(<class 'UnboundLocalError'>): uncaught exception - local variable 'remote_tdo_handle' referenced before assignment
File "/usr/lib/python3/dist-packages/samba/netcmd/__init__.py", line 230, in _run
return self.run(*args, **kwargs)
File "/usr/lib/python3/dist-packages/samba/netcmd/domain.py", line 2852, in run
if remote_tdo_handle is not None:
Even with the error, the trust is created and authentication / authorization between the two parties works anyway.
# Environment information:
- Linux distribution / version: Ubuntu 22.04.2 LTS
- Samba version: 4.18.2
- Microsoft Active Directory domain controllers: Windows Server 2019 or Windows Server 2022 (same behavior with either)
- Microsoft Active Directory forest and domain level: 2012 or 2016 (same behavior with either)
The UnboundLocalError was fixed in commit e4b81f7f6d43fba73ca4f34ed412fe85d35fb7cb, but the fix was not backported to 4.18.
I didn’t mean to imply that a deliberate decision was made not to backport the fix. A patch that wasn’t considered for backporting at the time it was merged can still receive a backport later, if to do so would be worthwhile.