[WIP] Fix samba-tool domain demote to remove another dead DC

Marc Muehlfeld mmuehlfeld at samba.org
Wed Oct 14 21:56:54 UTC 2015 

Hello Andrew,

Am 14.10.2015 um 12:34 schrieb Andrew Bartlett:
> samba-tool domain demote --remove-other-dead-server=deaddc -H /path/to/sam.ldb


The first try looks good. Everything seems to be removed. I'll have a
closer look soon.


The only remaining I saw, is the DNS account:
dn: CN=dns-DC2,CN=Users,DC=samdom,DC=example,DC=com
Is there any reason, to keep it?


And maybe a more beautiful error would be nice, if trying to remove a
none-existent DC ;-)

# samba-tool domain demote --remove-other-dead-server=DC3 -H
/usr/local/samba/private/sam.ldb
ERROR(<class 'samba.remove_dc.demoteException'>): uncaught exception -
demoteException: DC3 is not an AD DC in samdom.example.com
  File
"/usr/local/samba/lib64/python2.7/site-packages/samba/netcmd/__init__.py",
line 175, in _run
    return self.run(*args, **kwargs)
  File
"/usr/local/samba/lib64/python2.7/site-packages/samba/netcmd/domain.py",
line 678, in run
    remove_dc.remove_dc(samdb, remove_other_dead_server)
  File
"/usr/local/samba/lib64/python2.7/site-packages/samba/remove_dc.py",
line 260, in remove_dc
    % (dc_name, samdb.domain_dns_name()))
A transaction is still active in ldb context [0x2101200] on
/usr/local/samba/private/sam.ldb


And also if you try to remove the DC, you're starting this command on:

[root at DC1 ~]# samba-tool domain demote --remove-other-dead-server=DC1 -H
/usr/local/samba/private/sam.ldb
ERROR(ldb): uncaught exception - objectclass: Cannot delete CN=NTDS
Settings,CN=DC1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=samdom,DC=example,DC=com,
it's the DC's ntDSDSA object!
  File
"/usr/local/samba/lib64/python2.7/site-packages/samba/netcmd/__init__.py",
line 175, in _run
    return self.run(*args, **kwargs)
  File
"/usr/local/samba/lib64/python2.7/site-packages/samba/netcmd/domain.py",
line 678, in run
    remove_dc.remove_dc(samdb, remove_other_dead_server)
  File
"/usr/local/samba/lib64/python2.7/site-packages/samba/remove_dc.py",
line 288, in remove_dc
    remove_dns_names=True)
  File
"/usr/local/samba/lib64/python2.7/site-packages/samba/remove_dc.py",
line 239, in offline_remove_ntds_dc
    samdb.delete(ntds_dn, ["tree_delete:0"])
A transaction is still active in ldb context [0x1a36200] on
/usr/local/samba/private/sam.ldb



Regards,
Marc

More information about the samba-technical mailing list