demote error

Daniele Dario d.dario76 at gmail.com
Wed Jun 27 01:24:28 MDT 2012 

On Wed, 2012-06-27 at 07:29 +0200, Andreas Oster wrote:
> Am 12.04.2012 16:29, schrieb Daniele Dario:
> > Sorry,
> > the problem was that I didn't submit the -U administrator statement.
> > 
> > Using it all works.
> > 
> > Again sorry,
> > Daniele.
> > 
> > On Thu, 2012-04-12 at 15:44 +0200, Daniele Dario wrote:
> >> Hi samba team,
> >> I've seen in other threads that with Version 4.0.0alpha20-GIT-81d1749
> >> replication of DNS partitions between DCs now should be automatic so I
> >> decided to try to demote my secondary DC to try to join it again to the
> >> domain and see if replication starts also for me.
> >>
> >> Trying to run samba-tool domain demote -d 10 it fails with
> >>
> >> ...
> >> ../librpc/rpc/dcerpc_util.c:140: auth_pad_length 12
> >>      drsuapi_DsReplicaSync: struct drsuapi_DsReplicaSync
> >>         out: struct drsuapi_DsReplicaSync
> >>             result                   : WERR_OK
> >> rpc reply data:
> >> [0000] 00 00 00 00                                       .... 
> >> lpcfg_servicenumber: couldn't find ldb
> >> added interface eth0 ip=fe80::20e:cff:fe3c:b729%eth0
> >> bcast=fe80::ffff:ffff:ffff:ffff%eth0 netmask=ffff:ffff:ffff:ffff::
> >> added interface eth0 ip=192.168.12.2 bcast=192.168.12.255
> >> netmask=255.255.255.0
> >> added interface eth0 ip=fe80::20e:cff:fe3c:b729%eth0
> >> bcast=fe80::ffff:ffff:ffff:ffff%eth0 netmask=ffff:ffff:ffff:ffff::
> >> added interface eth0 ip=192.168.12.2 bcast=192.168.12.255
> >> netmask=255.255.255.0
> >> Changing userControl and container
> >> Error while demoting, re-enabling inbound replication
> >> ldb:acl_modify: options
> >> Sorting rpmd with attid exception 3 rDN=CN DN=CN=NTDS
> >> Settings,CN=KDC02,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=saitelitalia,DC=local
> >> ERROR(ldb): Error while changing account control - LDAP error 1
> >> LDAP_OPERATIONS_ERROR -  <00002020: Operation unavailable without
> >> authentication> <>
> >>   File
> >> "/usr/local/samba/lib/python2.7/site-packages/samba/netcmd/domain.py",
> >> line 288, in run
> >>     attrs=["userAccountControl"])
> >>
> >> how can I proceed to solve the problem?
> >>
> >> Thanks in advance,
> >> Daniele
> >>
> > 
> > 
> > 
> Hello Daniele,
> 
> can you tell me if samba needs to be stopped before demoting ?
> 
> Thanks
> 
> Andreas
> 
> 

Hello Andreas,
I did not stop it when I demoted the DC.

I think that stop samba on the DC to demote would prevent replicas/syncs
to other DCs so the command would fail.

Daniele.

More information about the samba-technical mailing list