Are you saying that there are 3 DCs for ORGDEPTS domain? If so, are they all in the same ADS site? There is a known domain join issue in a multiple DC environment.
Regards, Natalie Naadir Jeewa wrote: >parameters reset, and debug logged: > >Feb 12 23:40:22 TestServer smbd[10665]: [ID 290708 daemon.debug] NS Found >128.40.238.81 name server >Feb 12 23:40:22 TestServer smbd[10665]: [ID 327122 daemon.debug] NS Found 1 >name servers >Feb 12 23:40:22 TestServer smbd[10665]: [ID 547426 daemon.debug] >msdcsLookupADS: orgdepts-dc2 [I] >Feb 12 23:40:22 TestServer smbd[10665]: [ID 395055 daemon.debug] DC Offer >[ORGDEPTS]: orgdepts-dc2 [10.10.250.17] >Feb 12 23:40:22 TestServer smbd[10665]: [ID 622660 daemon.debug] DC discovered >for ORGDEPTS: orgdepts-dc2 [10.10.250.17] >Feb 12 23:40:24 TestServer smbd[10665]: [ID 362282 daemon.error] ads: Retry >kinit to acquire credential. >Feb 12 23:40:24 TestServer smbd[10665]: [ID 362282 daemon.error] ads: Retry >kinit to acquire credential. >Feb 12 23:40:24 TestServer smbd[10665]: [ID 603154 daemon.debug] smb_kinit: >Authenticated to Kerberos v5 >Feb 12 23:40:24 TestServer smbd[10665]: [ID 976343 daemon.error] Strong >authentication required >Feb 12 23:40:24 TestServer smbd[10665]: [ID 976343 daemon.error] Strong >authentication required >Feb 12 23:40:24 TestServer smbd[10665]: [ID 871254 daemon.error] smbd: failed >joining ORGDEPTS.ORG.AC.UK (UNSUCCESSFUL) >Feb 12 23:40:24 TestServer smbd[10665]: [ID 871254 daemon.error] smbd: failed >joining ORGDEPTS.ORG.AC.UK (UNSUCCESSFUL) > >This is a multi-domain forest with 3 DCs offered by DNS. > >Other messages when restarting idmap: > >Feb 12 23:45:47 TestServer idmap[10727]: [ID 721898 daemon.info] idmapd: >Global catalog server is not configured; AD lookup will fail until one or more >global catalog server names are configured or discovered; auto-discovery will >begin shortly >Feb 12 23:45:47 TestServer idmap[10727]: [ID 737341 daemon.error] idmapd: AD >lookup disabled >Feb 12 23:45:47 TestServer idmap[10727]: [ID 737341 daemon.error] idmapd: AD >lookup disabled >Feb 12 23:45:47 TestServer idmap[10727]: [ID 954839 daemon.debug] idmapd: >initial configuration loaded >Feb 12 23:45:47 TestServer idmap[10727]: [ID 462442 daemon.debug] idmapd: >list_size_limit=0 >Feb 12 23:45:47 TestServer idmap[10727]: [ID 170379 daemon.debug] idmapd: >default_domain=null >Feb 12 23:45:47 TestServer idmap[10727]: [ID 728520 daemon.debug] idmapd: >domain_name=null >Feb 12 23:45:47 TestServer idmap[10727]: [ID 757148 daemon.debug] idmapd: >machine_sid=S-1-5-21-2282376632-3551028245-3036412051-490369195 >Feb 12 23:45:47 TestServer idmap[10727]: [ID 476138 daemon.debug] idmapd: No >domain controllers known >Feb 12 23:45:47 TestServer idmap[10727]: [ID 505035 daemon.debug] idmapd: >forest_name=null >Feb 12 23:45:47 TestServer idmap[10727]: [ID 872174 daemon.debug] idmapd: >site_name=null >Feb 12 23:45:47 TestServer idmap[10727]: [ID 732938 daemon.debug] idmapd: No >global catalog servers known >Feb 12 23:45:47 TestServer idmap[10727]: [ID 888767 daemon.debug] idmapd: >ds_name_mapping_enabled=false >Feb 12 23:45:47 TestServer idmap[10727]: [ID 570925 daemon.debug] idmapd: >ad_unixuser_attr=null >Feb 12 23:45:47 TestServer idmap[10727]: [ID 245141 daemon.debug] idmapd: >ad_unixgroup_attr=null >Feb 12 23:45:47 TestServer idmap[10727]: [ID 272838 daemon.debug] idmapd: >nldap_winname_attr=null >Feb 12 23:45:48 TestServer idmap[10727]: [ID 763396 daemon.debug] idmapd: >searching DNS for SRV RRs named '_ldap._tcp.dc._msdcs' >Feb 12 23:45:48 TestServer idmap[10727]: [ID 737506 daemon.debug] idmapd: >Found _ldap._tcp.dc._msdcs.orgdepts.org.ac.uk 16 IN SRV [0][100] >orgdepts-dc3.orgdepts.org.ac.uk:389 >Feb 12 23:45:48 TestServer idmap[10727]: [ID 737506 daemon.debug] idmapd: >Found _ldap._tcp.dc._msdcs.orgdepts.org.ac.uk 16 IN SRV [0][100] >orgdepts-dc1.orgdepts.org.ac.uk:389 >Feb 12 23:45:48 TestServer idmap[10727]: [ID 737506 daemon.debug] idmapd: >Found _ldap._tcp.dc._msdcs.orgdepts.org.ac.uk 16 IN SRV [0][100] >orgdepts-dc2.orgdepts.org.ac.uk:389 >Feb 12 23:45:48 TestServer idmap[10727]: [ID 763396 daemon.debug] idmapd: >querying DNS for SRV RRs named '_ldap._tcp.dc._msdcs' >Feb 12 23:45:48 TestServer idmap[10727]: [ID 737506 daemon.debug] idmapd: >Found _ldap._tcp.dc._msdcs.orgdepts.org.ac.uk 16 IN SRV [0][100] >orgdepts-dc1.orgdepts.org.ac.uk:389 >Feb 12 23:45:48 TestServer idmap[10727]: [ID 737506 daemon.debug] idmapd: >Found _ldap._tcp.dc._msdcs.orgdepts.org.ac.uk 16 IN SRV [0][100] >orgdepts-dc2.orgdepts.org.ac.uk:389 >Feb 12 23:45:48 TestServer idmap[10727]: [ID 737506 daemon.debug] idmapd: >Found _ldap._tcp.dc._msdcs.orgdepts.org.ac.uk 16 IN SRV [0][100] >orgdepts-dc3.orgdepts.org.ac.uk:389 >Feb 12 23:45:48 TestServer idmap[10727]: [ID 218067 daemon.debug] >pkcs11_softtoken: Keystore access failed. >Feb 12 23:45:48 TestServer idmap[10727]: [ID 653447 daemon.info] idmapd: LDAP >SASL bind to orgdepts-dc1.orgdepts.org.ac.uk:389 failed (Local error) >Feb 12 23:45:48 TestServer idmap[10727]: [ID 653447 daemon.info] idmapd: LDAP >SASL bind to orgdepts-dc2.orgdepts.org.ac.uk:389 failed (Local error) >Feb 12 23:45:48 TestServer idmap[10727]: [ID 653447 daemon.info] idmapd: LDAP >SASL bind to orgdepts-dc3.orgdepts.org.ac.uk:389 failed (Local error) >Feb 12 23:45:48 TestServer idmap[10727]: [ID 840489 daemon.error] idmapd: >Couldn't open and SASL bind LDAP connections to any domain controllers; >discovery of some items will fail >Feb 12 23:45:48 TestServer idmap[10727]: [ID 840489 daemon.error] idmapd: >Couldn't open and SASL bind LDAP connections to any domain controllers; >discovery of some items will fail >Feb 12 23:45:48 TestServer idmap[10727]: [ID 653447 daemon.info] idmapd: LDAP >SASL bind to orgdepts-dc1.orgdepts.org.ac.uk:389 failed (Local error) >Feb 12 23:45:48 TestServer idmap[10727]: [ID 653447 daemon.info] idmapd: LDAP >SASL bind to orgdepts-dc2.orgdepts.org.ac.uk:389 failed (Local error) >Feb 12 23:45:48 TestServer idmap[10727]: [ID 653447 daemon.info] idmapd: LDAP >SASL bind to orgdepts-dc3.orgdepts.org.ac.uk:389 failed (Local error) >Feb 12 23:45:48 TestServer idmap[10727]: [ID 840489 daemon.error] idmapd: >Couldn't open and SASL bind LDAP connections to any domain controllers; >discovery of some items will fail >Feb 12 23:45:48 TestServer idmap[10727]: [ID 430270 daemon.info] idmapd: >unable to discover Forest Name > > >This message posted from opensolaris.org >_______________________________________________ >storage-discuss mailing list >[email protected] >http://mail.opensolaris.org/mailman/listinfo/storage-discuss > > _______________________________________________ storage-discuss mailing list [email protected] http://mail.opensolaris.org/mailman/listinfo/storage-discuss
