Ubuntu 25.4 samba-gpupdate fails (LdapErr: DSID-0C090C92: a successful bind must be completed on the connection)

rastalan244 · April 3, 2025, 2:27pm

Hi there,

I know it is still in beta, but I will ask anyway.

I run 24.4.2 Ubuntu and everything regarding AD works perfectly. So I thought I give 25.4 a try when running into the following issue. I join the domain and that itself works fine. I can login, SSO for websites works and everthing else too.

But when running samba-gpupdate (to obtain machine certificate from the domain) I get the following error:

Traceback (most recent call last):
  File "/usr/sbin/samba-gpupdate", line 135, in <module>
    apply_gp(lp, creds, store, gp_extensions, username,
    ~~~~~~~~^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
             opts.target, opts.force)
             ^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/lib/python3/dist-packages/samba/gp/gpclass.py", line 1009, in apply_gp
    gpos = get_gpo_list(dc_hostname, creds, lp, username)
  File "/usr/lib/python3/dist-packages/samba/gp/gpclass.py", line 848, in get_gpo_list
    uac, dn = find_samaccount(samdb, username.split('\\')[-1])
              ~~~~~~~~~~~~~~~^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/lib/python3/dist-packages/samba/gp/gpclass.py", line 694, in find_samaccount
    res = samdb.search(samdb.get_default_basedn(), ldb.SCOPE_SUBTREE,
                       '(sAMAccountName={})'.format(samaccountname), attrs)
_ldb.LdbError: (1, '000004DC: LdapErr: DSID-0C090C92, comment: In order to perform this operation a successful bind must be completed on the connection., data 0, v4f7c')

I double checked all configs. Everything else regarding the AD runs fine too.
25.4 uses samba-gpupdate-2.4.21.4+dfsg-1ubuntu3 and I tried samba-gpupdate-2.4.19.5+dfsg-4ubuntu9 (from Ubuntu 24.4.2) to no avail. It produces exactly the same error message.

Any suggestions ?

Thanks in advance

Actionparsnip · April 3, 2025, 2:40pm

I suggest you report a bug

eeickmeyer · April 3, 2025, 2:49pm

Moved to pre-release discussion. Furthermore, please use yy.mm for Ubuntu releases. 25.4 does not and will never exist, however, 25.04 is set to release later this month.

rastalan244 · April 4, 2025, 10:42am

Can you paste me the url ? I am kind of lost in the new forums…

rastalan244 · April 4, 2025, 10:48am

You are right. I will do so in the future

eeickmeyer · April 4, 2025, 4:28pm

You can always edit your posts.

dpkg -S shows that samba-gpupdate is part of python3-samba, so that’s the package you’ll report the bug against.

Bug reports are not done here but on Launchpad. Rather than give you a URL, I’ll give you the easy way. Type this in a terminal:

ubuntu-bug python3-samba

That will collect all necessary logs automatically and then open a browser window with a form for you to fill out. Be as detailed as possible in the Bug Description, but be brief in the title. “samba-gpupdate fails (LdapErr: DSID-0C090C92: a successful bind must be completed on the connection)” would be perfect for that. But then, in the large box that follows, be very detailed and include what you were trying to accomplish and what you expected.

rastalan244 · April 14, 2025, 10:22am

Thanks for your help. I reported the bug the way you suggested. Where I can I find the bug report to follow up on the progress?

eeickmeyer · April 14, 2025, 2:58pm

It opened up a web page after you filed it, right? It would be that web page.

Edit: Found it: Bug #2107324 “samba-gpupdate fails(LdapErr: DSID-0C090C90 to per...” : Bugs : samba package : Ubuntu