GOAD
GOAD copied to clipboard
Orange-Cyberdefense
TASK [member_server : Add member server] Error. SVR02
while running through the member_server task, I get this error when trying to join SVR02 to north.sevenkingdoms.local. Any suggestions
TASK [member_server : Add member server] ******************************************* fatal: [srv02]: FAILED! => {"changed": true, "msg": "failed to join domain: Computer 'castelblack' failed to join domain 'north.sevenkingdoms.local' from its current workgroup 'WORKGROUP' with following error message: The specified domain either does not exist or could not be contacted.", "reboot_required": false}
PLAY RECAP *************************************************************************
dc01 : ok=2 changed=0 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
dc02 : ok=2 changed=0 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
srv02 : ok=6 changed=1 unreachable=0 failed=1 skipped=0 rescued=0 ignored=0
[!] Fatal error from ansible with exit code: 2 [!] We are going to retry [!] 3 restarts occurred, exiting...
This is on Proxmox
try to reboot srv02, verify there is no dns issue and you can resolve north.sevenkingdoms.local from the server. than try to rerun the playbook
Hi!! Thanks for responding..I can't resolve the domain but I am able to ping the domain name ( i had added the domain to the etc\hosts file though)
I am able to resolve north.sevenkingdoms.local on DC02
I tore down the VMs and rebuilt them again but i still get that same error message . Though this time I am able to resolve north.sevenkingdoms.local
Tried adding a specific firewall rule to allow DNS. Still no luck :(
P.S
By the way i should add that i get this warning as well but the script always powers through it. Not sure if it's related to the issue
Hi, I have the same trouble. I also use proxmox.
After a little search I saw that dc02 does not have domain. I have a popup to promote it at domain controler.
Hi, I have the same trouble. I also use proxmox.
After a little search I saw that dc02 does not have domain. I have a popup to promote it at domain controler.
Yeah . that's the same thing I am seen over here. I was not successful in trying to manually join a domain, were you?
EDIT: Nuking the VM's, repacking the templates, re-terraforming and running the ansible playbook fixed the issue. My original templates must have rebooted before shutting down and ran the OOBE to set the SID.
This is due to the SID of DC02 being the same as the SID of the sevenkingdoms.local domain of DC01 because of the packer template. You can change the SID using Sysprep, and then run the playbook again and it should successfully add the child domain.
I then get an error when attempting to perform the same Sysprep change SID on DC03, with a cannot perform install message after a reboot. I'm currenly trying to figure out how we can use the packer templates and have unique SID's.
This is the later message about essos (DC03), after fixing DC02 with Sysprep:
fatal: [srv03]: FAILED! => {"changed": true, "msg": "failed to join domain: Computer 'braavos' failed to join domain 'essos.local' from its current workgroup 'WORKGROUP' with following error message: The domain join cannot be completed because the SID of the domain you attempted to join was identical to the SID of this machine. This is a symptom of an improperly cloned operating system install. You should run sysprep on this machine in order to generate a new machine SID. Please see http://go.microsoft.com/fwlink/?LinkId=168895 for more information.", "reboot_required": false}
Hi, I have the same trouble. I also use proxmox. After a little search I saw that dc02 does not have domain. I have a popup to promote it at domain controler.
Yeah . that's the same thing I am seen over here. I was not successful in trying to manually join a domain, were you?
Did you manage to fix this?
Edit: the issue was fixed by disabling the ipv6 adapters on all hosts.
EDIT: Nuking the VM's, repacking the templates, re-terraforming and running the ansible playbook fixed the issue. My original templates must have rebooted before shutting down and ran the OOBE to set the SID.
This is due to the SID of DC02 being the same as the SID of the sevenkingdoms.local domain of DC01 because of the packer template. You can change the SID using Sysprep, and then run the playbook again and it should successfully add the child domain. I then get an error when attempting to perform the same Sysprep change SID on DC03, with a cannot perform install message after a reboot. I'm currenly trying to figure out how we can use the packer templates and have unique SID's.
This is the later message about essos (DC03), after fixing DC02 with Sysprep:
fatal: [srv03]: FAILED! => {"changed": true, "msg": "failed to join domain: Computer 'braavos' failed to join domain 'essos.local' from its current workgroup 'WORKGROUP' with following error message: The domain join cannot be completed because the SID of the domain you attempted to join was identical to the SID of this machine. This is a symptom of an improperly cloned operating system install. You should run sysprep on this machine in order to generate a new machine SID. Please see http://go.microsoft.com/fwlink/?LinkId=168895 for more information.", "reboot_required": false}
On my Environment (Proxmox PVE 3.12-1) I had to add a /quit argument into the scripts/sysprep/cloudbase-init-p2.sh1. So the last line now reads: "start-process -FilePath "C:/Windows/system32/sysprep/sysprep.exe" -ArgumentList "/generalize /oobe /mode:vm /quit /unattend:cloudbase-init-unattend.xml" -wait"
Before that sysprep would not run correctly on the 2k19.
