Removing a domain controller help needed

[kris]

Hi andrew,

thanks for the answer

I'll try that although the purpose was mainly to avoid using windows tools.



Le 11/10/2013 05:00, Andrew Bartlett a écrit :
> On Fri, 2013-09-13 at 09:10 +0200, christophe wrote:
>> Hi,
>>
>> First guys, I'd like congratulate you. Samba 4 is really a cool product.
>>
>> I have a little problem though.
>>
>> The context:
>>
>> I have Samba4 AD DC working perfectly on a virtual machine
>> for testing purpose I joined another Samba4 AD DC to the domain I had
>> provisioned and it worked perfectly but my second DC VM was deleted with no
>> mean to get it back.
>>
>> I have now a problem on my first DC as the second DC still shows up in the
>> RSAT console,  NTDSUTIL, DNS and also samba-tool drs showrepl.
>> it seems to be impossible to delete it completely.
>>
>>
>> I know if I were on a windows DC I'd simply have gone for forced deletion
>> then metadata cleanup.
>> but I don't have a windows DC.
>>
>> Is there a way I can permanently remove all connection to my disappeared
>> second DC form the AD just using  the tools provides with samba 4?
> Can you use the ADUC tools to do it?
>
> Yes, we are aware this isn't ideal, and patches to samba-tool are
> welcome.
>
>> Other question:
>>
>> I use ISC-DHCP-SERVER with SAMBA_Internal DNS.
>>
>> Is there a way to have it updating records?
>> >From the DNS console, it seems I can't allow for unsecure updates
> Currently this is controlled from the smb.conf, not DNS console.
>
> But unsecure updates are a really bad idea.  Other folks have done this
> with GSS-TSIG and an external script, and it would be really neat to
> also support shared-key TSIG, but that requires work.  Patches are very
> welcome (the shared 128 bit key can be stored in or generated from the
> unicodePwd).
>
> Andrew Bartlett
>