Trouble demoting DC with broken replication

Andreas Oster aoster at novanetwork.de
Tue May 20 05:53:14 MDT 2014


On 20.05.2014 12:18, Iñigo Martinez Lasala wrote:
> Delete all stuff from DNS zones and then remove DC from Active Directory
> Sites and Services.
> 
> On 19/05/14 19:09, Marc Muehlfeld wrote:
>> Hello Andreas,
>>
>> On 19.05.2014 12:26, Andreas Oster wrote:
>>> Do you / does anybody have an idea how to get rid of those orphaned
>>> entries ?
>>
>> Two weeks ago I wrote the 'Demote a DC' HowTo
>> (https://wiki.samba.org/index.php/Demote_a_Samba_DC#Demote_a_DC_that_isn.27t_accessable_any_more).
>>
>>
>> While doing research and testing for the HowTo, it turned out that
>> currently there seems to be no way (samba-tool or the usual Windows
>> ways) to demote a lost DC and clean up the metadata.
>>
>> I created a bug report about that:
>> https://bugzilla.samba.org/show_bug.cgi?id=10595
>>
>> I guess the only way would be to manually find the stuff inside the AD
>> and remove it manually via ldbedit. But I really would be afraid of that!
>>
>> Another idea I had would be to temporarily join a machine with the same
>> name/IP as DC and then demote it with samba-tool. After that maybe fewer
>> directory entries have to be removed (like the orphaned objectGUID
>> entries). But this was just an idea and I wanted to try it in my test
>> environment. But I think it would be a risky way and should not be
>> recommended.
>>
>> I think this is a very serious problem/bug!
>>
>>
>> Regards,
>> Marc
>>
>>
> 
> 
Hello Iñigo,

I already tried this but unfortunately this does not fix the replication
issue.

Thanks

best regards

Andreas

