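I am a new Zentyal user (a few months now) and I love it! But I have run into a problem and hope someone can help me.
In my deployment I have two Zentyal servers (zentyal-1.mydomain.com and zentyal-2.mydomain.com), both running the "Domain Controller and File Sharing" service. The idea is to have a primary DC and a secondary DC. I have been using this setup successfully for a few months, meaning I have successfully joined several Ubuntu / Windows 11 machines to it, created several users, and so on.
Today, when I tried to join another Ubuntu machine following exactly the same steps as before, something went wrong. This time I got an error. Here is the command and the full output (only the domain name is edited):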
$ sudo realm join -v mydomain.com
* Resolving: _ldap._tcp.mydomain.com
* Performing LDAP DSE lookup on: 172.16.0.101
* Performing LDAP DSE lookup on: 172.16.0.102
* Successfully discovered: mydomain.com
Password for Administrator:
* Unconditionally checking packages
* Resolving required packages
* LANG=C /usr/sbin/adcli join --verbose --domain mydomain.com --domain-realm MYDOMAIN.COM --domain-controller 172.16.0.101 --login-type user --login-user Administrator --stdin-password
* Using domain name: mydomain.com
* Calculated computer account name from fqdn: GITLAB
* Using domain realm: mydomain.com
* Sending NetLogon ping to domain controller: 172.16.0.101
* Received NetLogon info from: zentyal-1.mydomain.com
* Wrote out krb5.conf snippet to /var/cache/realmd/adcli-krb5-gKcH27/krb5.d/adcli-krb5-conf-JlLa8m
* Authenticated as user: [email protected]
* Using GSS-SPNEGO for SASL bind
* Looked up short domain name: MYDOMAIN
* Looked up domain SID: S-1-5-21-2787685195-3023692109-2783229274
* Using fully qualified name: gitlab.mydomain.com
* Using domain name: mydomain.com
* Using computer account name: GITLAB
* Using domain realm: mydomain.com
* Calculated computer account name from fqdn: GITLAB
* Generated 120 character computer password
* Using keytab: FILE:/etc/krb5.keytab
* A computer account for GITLAB$ does not exist
* Found well known computer container at: CN=Computers,DC=mydomain,DC=com
* Calculated computer account: CN=GITLAB,CN=Computers,DC=mydomain,DC=com
* Encryption type [3] not permitted.
* Encryption type [1] not permitted.
! Insufficient permissions to modify computer account: CN=GITLAB,CN=Computers,DC=mydomain,DC=com: 0000202F: ../../ldb_key_value/ldb_kv_index.c:3048: Failed to re-index objectSid in CN=GITLAB,CN=Computers,DC=mydomain,DC=com - ../../ldb_key_value/ldb_kv_index.c:2893: unique index violation on objectSid in CN=GITLAB,CN=Computers,DC=mydomain,DC=com
adcli: joining domain mydomain.com failed: Insufficient permissions to modify computer account: CN=GITLAB,CN=Computers,DC=mydomain,DC=com: 0000202F: ../../ldb_key_value/ldb_kv_index.c:3048: Failed to re-index objectSid in CN=GITLAB,CN=Computers,DC=mydomain,DC=com - ../../ldb_key_value/ldb_kv_index.c:2893: unique index violation on objectSid in CN=GITLAB,CN=Computers,DC=mydomain,DC=com
! Insufficient permissions to join the domain
realm: Couldn't join realm: Insufficient permissions to join the domain
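As you can see, I used the built-in Administrator account and, according to the output, it authenticated successfully. But I get "Insufficient permissions to join the domain".
Any help would be greatly appreciated!
Thanks!
Answer 1
It turned out the database was inconsistent. The following solved my problem: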
$ sudo samba-tool dbcheck --fix
I hope it helps someone else.
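
The join output in the question reports an LDB "unique index violation" under an "Insufficient permissions" message, which is why the failure looked like an ACL problem. The following is an added example, not part of the original question or answer: a POSIX shell function (the name classify_join_failure is hypothetical) that reads `realm join -v` output and separates a directory-database error from a plain permission failure. The sample log is the error lines from the output above, trimmed.

```shell
# Classify the failure in `realm join -v` / adcli output read from stdin.
# Prints exactly one line:
#   db-inconsistency attr=<attribute> dn=<DN>  LDB index error reported by the DC
#   permissions                                only the permission message is present
#   other-error                                error lines of some other kind
#   no-error-lines                             nothing flagged as an error
classify_join_failure() {
    log=$(cat)

    # In the output above, error lines start with "!", "adcli:" or "realm:".
    if ! printf '%s\n' "$log" | grep -Eq '^[[:space:]]*(!|adcli:|realm:)'; then
        echo "no-error-lines"
        return 0
    fi

    # Samba's LDB layer names the attribute and the DN whose index entry
    # collided; capture both from the first matching line.
    violation=$(printf '%s\n' "$log" |
        sed -n 's/.*unique index violation on \([A-Za-z]*\) in \(.*\)$/\1 \2/p' |
        head -n 1)
    if [ -n "$violation" ]; then
        # First word is the attribute, the rest (may contain spaces) is the DN.
        echo "db-inconsistency attr=${violation%% *} dn=${violation#* }"
        return 0
    fi

    if printf '%s\n' "$log" | grep -q 'Insufficient permissions'; then
        echo "permissions"
        return 0
    fi

    echo "other-error"
}

# Constructed sample: error lines copied from the join output above, trimmed.
SAMPLE_JOIN_LOG='* A computer account for GITLAB$ does not exist
! Insufficient permissions to modify computer account: CN=GITLAB,CN=Computers,DC=mydomain,DC=com: 0000202F: ../../ldb_key_value/ldb_kv_index.c:3048: Failed to re-index objectSid in CN=GITLAB,CN=Computers,DC=mydomain,DC=com - ../../ldb_key_value/ldb_kv_index.c:2893: unique index violation on objectSid in CN=GITLAB,CN=Computers,DC=mydomain,DC=com
! Insufficient permissions to join the domain'

printf '%s\n' "$SAMPLE_JOIN_LOG" | classify_join_failure
```

When the result is db-inconsistency, running `samba-tool dbcheck` without `--fix` on the domain controller reports the errors without changing the database, which shows what the `--fix` run from the answer is about to modify.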