Hello from Munich,
we plan to introduce UCS as a replacement of our old Microsoft AD (name “BITSCHUBSER”).
I created a test environment consisting of the MS W2k8 PDC (as VM), test clients and a fresh installation of the latest UCS including the AD-takeover App.
The UCS machine (name “BITBLASTER”) is network-wise in the same IPv4 subnet, has a unique hostname, the same DNS domain name (“domainname.intranet”) and has set the AD DNS as primary name server.
Like many fellows here before we are stuck as the takeover always fails with the ERROR “Could not find machine account in secrets database…” which causes some uncaught exceptions.
We already invested a lot of time in testing this, but didn’t find any way to make the takeover work.
Perhaps anyone has a good idea what could be the real reason for this strange and misleading error message. To my information for the AD domain there is never a machine account in AD…
Thanks for your help or some hints in adavance. 
Lars
An finally here’s a part of one of the logs:
…
2025-12-17 12:35:36,775 Starting Samba domain join.
2025-12-17 12:35:37,166 is_password_option:
2025-12-17 12:35:37,166 Note for developers: if ‘–machinepass-file=/etc/machine.secret’ is not misspelt, it should be added to the appropriate list in is_password_option().
2025-12-17 12:35:37,252 INFO 2025-12-17 12:35:37,252 pid:45811 /usr/lib/python3/dist-packages/samba/join.py #1605: workgroup is DOMAINNAME
2025-12-17 12:35:37,253 INFO 2025-12-17 12:35:37,252 pid:45811 /usr/lib/python3/dist-packages/samba/join.py #1608: realm is domainname.intranet
2025-12-17 12:35:37,832 INFO 2025-12-17 12:35:37,832 pid:45811 /usr/lib/python3/dist-packages/samba/provision/init.py #2396: Looking up IPv4 addresses
2025-12-17 12:35:37,833 INFO 2025-12-17 12:35:37,833 pid:45811 /usr/lib/python3/dist-packages/samba/provision/init.py #2413: Looking up IPv6 addresses
2025-12-17 12:35:37,834 WARNING 2025-12-17 12:35:37,834 pid:45811 /usr/lib/python3/dist-packages/samba/provision/init.py #2420: No IPv6 address will be assigned
2025-12-17 12:35:38,233 INFO 2025-12-17 12:35:38,233 pid:45811 /usr/lib/python3/dist-packages/samba/provision/init.py #2586: Setting up share.ldb
2025-12-17 12:35:38,282 INFO 2025-12-17 12:35:38,282 pid:45811 /usr/lib/python3/dist-packages/samba/provision/init.py #2590: Setting up secrets.ldb
2025-12-17 12:35:38,316 INFO 2025-12-17 12:35:38,315 pid:45811 /usr/lib/python3/dist-packages/samba/provision/init.py #2595: Setting up the registry
2025-12-17 12:35:38,477 INFO 2025-12-17 12:35:38,476 pid:45811 /usr/lib/python3/dist-packages/samba/provision/init.py #2598: Setting up the privileges database
2025-12-17 12:35:38,553 INFO 2025-12-17 12:35:38,553 pid:45811 /usr/lib/python3/dist-packages/samba/provision/init.py #2601: Setting up idmap db
2025-12-17 12:35:38,610 INFO 2025-12-17 12:35:38,610 pid:45811 /usr/lib/python3/dist-packages/samba/provision/init.py #2608: Setting up SAM db
2025-12-17 12:35:38,626 INFO 2025-12-17 12:35:38,626 pid:45811 /usr/lib/python3/dist-packages/samba/provision/init.py #892: Setting up sam.ldb partitions and settings
2025-12-17 12:35:38,627 INFO 2025-12-17 12:35:38,627 pid:45811 /usr/lib/python3/dist-packages/samba/provision/init.py #904: Setting up sam.ldb rootDSE
2025-12-17 12:35:38,639 INFO 2025-12-17 12:35:38,639 pid:45811 /usr/lib/python3/dist-packages/samba/provision/init.py #1320: Pre-loading the Samba 4 and AD schema
2025-12-17 12:35:38,641 Unable to determine the DomainSID, can not enforce uniqueness constraint on local domainSIDs
2025-12-17 12:35:38,729 INFO 2025-12-17 12:35:38,729 pid:45811 /usr/lib/python3/dist-packages/samba/provision/init.py #2709: A Kerberos configuration suitable for Samba AD has been generated at /var/lib/samba/private/krb5.conf
2025-12-17 12:35:38,730 INFO 2025-12-17 12:35:38,729 pid:45811 /usr/lib/python3/dist-packages/samba/provision/init.py #2711: Merge the contents of this file with your system krb5.conf or replace it with this one. Do not create a symlink!
2025-12-17 12:35:38,742 INFO 2025-12-17 12:35:38,741 pid:45811 /usr/lib/python3/dist-packages/samba/join.py #964: Starting replication
2025-12-17 12:35:38,929 Schema-DN[CN=Schema,CN=Configuration,DC=domainname,DC=intranet] objects[402/1653] linked_values[0/0]
2025-12-17 12:35:39,115 Schema-DN[CN=Schema,CN=Configuration,DC=domainname,DC=intranet] objects[804/1653] linked_values[0/0]
2025-12-17 12:35:39,289 Schema-DN[CN=Schema,CN=Configuration,DC=domainname,DC=intranet] objects[1206/1653] linked_values[0/0]
2025-12-17 12:35:39,463 Schema-DN[CN=Schema,CN=Configuration,DC=domainname,DC=intranet] objects[1608/1653] linked_values[0/0]
2025-12-17 12:35:39,552 Schema-DN[CN=Schema,CN=Configuration,DC=domainname,DC=intranet] objects[1773/1653] linked_values[0/0]
2025-12-17 12:35:39,552 Analyze and apply schema objects
2025-12-17 12:35:41,284 Partition[CN=Configuration,DC=domainname,DC=intranet] objects[402/2278] linked_values[0/54]
2025-12-17 12:35:41,678 Partition[CN=Configuration,DC=domainname,DC=intranet] objects[804/2278] linked_values[0/54]
2025-12-17 12:35:42,055 Partition[CN=Configuration,DC=domainname,DC=intranet] objects[1206/2278] linked_values[0/54]
2025-12-17 12:35:42,433 Partition[CN=Configuration,DC=domainname,DC=intranet] objects[1608/2278] linked_values[2/54]
2025-12-17 12:35:42,820 Partition[CN=Configuration,DC=domainname,DC=intranet] objects[1897/2278] linked_values[42/54]
2025-12-17 12:35:42,854 dsdb_replicated_objects_convert: Ignoring object outside partition d50514c2-44d9-4c23-bbf2-ad6775f192c6 CN=Schema,CN=Configuration,DC=domainname,DC=intranet: WERR_DS_ADD_REPLICA_INHIBITED
2025-12-17 12:35:43,059 Partition[CN=Configuration,DC=domainname,DC=intranet] objects[1920/2278] linked_values[54/54]
2025-12-17 12:35:43,156 Partition[DC=domainname,DC=intranet] objects[99/144] linked_values[33/40]
2025-12-17 12:35:43,377 Partition[DC=domainname,DC=intranet] objects[197/2124] linked_values[0/40]
2025-12-17 12:35:43,681 Partition[DC=domainname,DC=intranet] objects[386/2124] linked_values[0/40]
2025-12-17 12:35:43,973 Partition[DC=domainname,DC=intranet] objects[589/2124] linked_values[0/40]
2025-12-17 12:35:44,298 Partition[DC=domainname,DC=intranet] objects[735/2124] linked_values[40/40]
2025-12-17 12:35:44,330 dsdb_replicated_objects_convert: Ignoring object outside partition 1de3816a-6458-44e7-8515-1e6516fed10e CN=Configuration,DC=domainname,DC=intranet: WERR_DS_ADD_REPLICA_INHIBITED
2025-12-17 12:35:44,331 dsdb_replicated_objects_convert: Ignoring object outside partition 09edf625-d0f8-44da-b7e2-54a8116b8ebb DC=DomainDnsZones,DC=domainname,DC=intranet: WERR_DS_ADD_REPLICA_INHIBITED
2025-12-17 12:35:44,331 dsdb_replicated_objects_convert: Ignoring object outside partition 12e75763-7a5d-4bf5-a96c-ab2597d7fb83 DC=ForestDnsZones,DC=domainname,DC=intranet: WERR_DS_ADD_REPLICA_INHIBITED
2025-12-17 12:35:44,552 Partition[DC=domainname,DC=intranet] objects[838/2124] linked_values[40/40]
2025-12-17 12:35:44,935 Partition[DC=DomainDnsZones,DC=domainname,DC=intranet] objects[111/74] linked_values[0/0]
2025-12-17 12:35:45,099 Partition[DC=ForestDnsZones,DC=domainname,DC=intranet] objects[14/14] linked_values[0/0]
2025-12-17 12:35:45,162 Exop on[CN=RID Manager$,CN=System,DC=domainname,DC=intranet] objects[3] linked_values[0]
2025-12-17 12:35:45,166 INFO 2025-12-17 12:35:45,166 pid:45811 /usr/lib/python3/dist-packages/samba/join.py #1084: Committing SAM database - this may take some time
2025-12-17 12:35:48,606 Repacking database from v1 to v2 format (first record CN=Allowed-Child-Classes,CN=Schema,CN=Configuration,DC=domainname,DC=intranet)
2025-12-17 12:35:48,634 Repack: re-packed 10000 records so far
2025-12-17 12:35:48,681 Repacking database from v1 to v2 format (first record CN=nTFRSSubscriber-Display,CN=41d,CN=DisplaySpecifiers,CN=Configuration,DC=domainname,DC=intranet)
2025-12-17 12:35:48,719 Repacking database from v1 to v2 format (first record DC=165\0ADEL:44f31821-f3b0-4b86-b6c8-dee0641abb1f,CN=Deleted Objects,DC=DomainDnsZones,DC=domainname,DC=intranet)
2025-12-17 12:35:48,726 Repacking database from v1 to v2 format (first record CN=LostAndFound,DC=ForestDnsZones,DC=domainname,DC=intranet)
2025-12-17 12:35:48,753 Repacking database from v1 to v2 format (first record CN=4F8FB0584B3D4C04A28C0CAD5C725DBDF8BB89D449C911D9A66A0050BAEAE4BD,CN=ObjectMoveTable,CN=FileLinks,CN=System,DC=domainname,DC=intranet)
2025-12-17 12:35:49,042 INFO 2025-12-17 12:35:49,042 pid:45811 /usr/lib/python3/dist-packages/samba/join.py #1104: Committed SAM database
2025-12-17 12:35:49,046 INFO 2025-12-17 12:35:49,046 pid:45811 /usr/lib/python3/dist-packages/samba/join.py #1180: Adding 1 remote DNS records for BITBLASTER.domainname.intranet
2025-12-17 12:35:49,128 INFO 2025-12-17 12:35:49,128 pid:45811 /usr/lib/python3/dist-packages/samba/join.py #1242: Adding DNS A record BITBLASTER.domainname.intranet for IPv4 IP: 192.168.0.199
2025-12-17 12:35:49,165 INFO 2025-12-17 12:35:49,165 pid:45811 /usr/lib/python3/dist-packages/samba/join.py #1270: Adding DNS CNAME record 1dd240a5-6813-48ee-b784-8bcd3334723d._msdcs.domainname.intranet for BITBLASTER.domainname.intranet
2025-12-17 12:35:49,174 Could not find machine account in secrets database: Failed to fetch machine account password for DOMAINNAME from both secrets.ldb (Could not find entry to match filter: ‘(&(flatname=DOMAINNAME)(objectclass=primaryDomain))’ base: ‘cn=Primary Domains’: No such object: dsdb_search at …/…/source4/dsdb/common/util.c:5731) and from /var/lib/samba/private/secrets.tdb: NT_STATUS_CANT_ACCESS_DOMAIN_INFO
2025-12-17 12:35:49,258 ERROR(runtime): uncaught exception - (9601, ‘WERR_DNS_ERROR_ZONE_DOES_NOT_EXIST’)
2025-12-17 12:35:49,263 File “/usr/lib/python3/dist-packages/samba/netcmd/init.py”, line 353, in _run
2025-12-17 12:35:49,263 return self.run(*args, **kwargs)
2025-12-17 12:35:49,263 ^^^^^^^^^^^^^^^^^^^^^^^^^
2025-12-17 12:35:49,263 File “/usr/lib/python3/dist-packages/samba/netcmd/domain/join.py”, line 129, in run
2025-12-17 12:35:49,264 join_DC(logger=logger, server=server, creds=creds, lp=lp, domain=domain,
2025-12-17 12:35:49,264 File “/usr/lib/python3/dist-packages/samba/join.py”, line 1621, in join_DC
2025-12-17 12:35:49,264 ctx.do_join()
2025-12-17 12:35:49,264 File “/usr/lib/python3/dist-packages/samba/join.py”, line 1518, in do_join
2025-12-17 12:35:49,264 ctx.join_add_dns_records()
2025-12-17 12:35:49,264 File “/usr/lib/python3/dist-packages/samba/join.py”, line 1276, in join_add_dns_records
2025-12-17 12:35:49,264 dns_conn.DnssrvUpdateRecord2(client_version,
2025-12-17 12:35:49,331 Adding CN=BITBLASTER,OU=Domain Controllers,DC=domainname,DC=intranet
2025-12-17 12:35:49,332 Adding CN=BITBLASTER,CN=Servers,CN=Standardname-des-ersten-Standorts,CN=Sites,CN=Configuration,DC=domainname,DC=intranet
2025-12-17 12:35:49,332 Adding CN=NTDS Settings,CN=BITBLASTER,CN=Servers,CN=Standardname-des-ersten-Standorts,CN=Sites,CN=Configuration,DC=domainname,DC=intranet
2025-12-17 12:35:49,332 Adding SPNs to CN=BITBLASTER,OU=Domain Controllers,DC=domainname,DC=intranet
2025-12-17 12:35:49,332 Setting account password for BITBLASTER$
2025-12-17 12:35:49,332 Enabling account
2025-12-17 12:35:49,332 Calling bare provision
2025-12-17 12:35:49,333 Provision OK for domain DN DC=domainname,DC=intranet
2025-12-17 12:35:49,333 Replicating critical objects from the base DN of the domain
2025-12-17 12:35:49,333 Done with always replicated NC (base, config, schema)
2025-12-17 12:35:49,333 Replicating DC=DomainDnsZones,DC=domainname,DC=intranet
2025-12-17 12:35:49,333 Replicating DC=ForestDnsZones,DC=domainname,DC=intranet
2025-12-17 12:35:49,333 Join failed - cleaning up
