[PATCH] make samba-tool aware of all 7 fsmo roles

Stefan (metze) Metzmacher metze at samba.org
Wed May 20 10:06:35 MDT 2015

Hi Rowland,

>> Can you change the commit message to this:
>>      samba-tool: make 'samba-tool fsmo *' aware of all 7 fsmo roles
>>      BUG: https://bugzilla.samba.org/show_bug.cgi?id=10734
>>      Signed-off-by: Rowland Penny <repenny241155 at gmail.com>
> Hi Stefan,
> Done

I don't see an updated commit message...

>>> @@ -58,6 +59,26 @@ def transfer_role(outf, role, samdb):
>>>           m["becomeSchemaMaster"]= ldb.MessageElement(
>>>               "1", ldb.FLAG_MOD_REPLACE,
>>>               "becomeSchemaMaster")
>>> +    elif role == "domaindns":
>>> +        # this would work in the same way as the infrastructure role
>>> if the schema allowed it
>>> +        # but it doesn't, so will have to sieze
>> Can you explain this a bit?
>> What is this different (in detail)?
> To tranfer the main 5 roles, you just create an attribute called
> 'become****' containing '1' in the DN that you want to transfer i.e.
> create 'becomeRidMaster: 1' to transfer the RIDMaster role. There isn't
> a 'become****' attribute for the two dns roles (or at least I cannot
> find them and believe me, I tried), so it seems the only way to change
> them is to seize them.

Wouldn't it be better to simulate the becomeROLE change behaviour?

We should do the change on the current master as that is still alive
and it needs to give up the role before the new dc takes over.

Maybe it would work if we do the ldap modify on the current role owner
and then send new owner a DsReplicaSync message to trigger an immediate
from the old to the new owner.


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: OpenPGP digital signature
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20150520/f7652bad/attachment.pgp>

More information about the samba-technical mailing list