[PATCH] Fix demote of a Windows AD DC

Tim Beale timbeale at catalyst.net.nz
Tue Jun 26 05:18:37 UTC 2018 

Added BUG and Reviewed-by tags.

https://bugzilla.samba.org/show_bug.cgi?id=13484

On 26/06/18 17:07, Gary Lockyer wrote:
> RB+
>
> On 26/06/18 17:00, Andrew Bartlett via samba-technical wrote:
>> On Tue, 2018-06-26 at 16:42 +1200, Tim Beale via samba-technical wrote:
>>> Hi,
>>>
>>> The attached patch fixed up a problem I noticed while testing the
>>> backup/restore tool against a Windows VM DC. Windows has an extra
>>> 'CN=DNS Settings' child object underneath the Server object that Samba
>>> doesn't have. This was causing the removal of the server object in the
>>> demote/remove_dc code to fail.
>>>
>>> This should hopefully fix the problem reported on the samba mailing list:
>>> https://lists.samba.org/archive/samba/2018-June/216572.html
>>>
>>> CI tests link (in progress).
>>> https://gitlab.com/catalyst-samba/samba/pipelines/24561455
>>>
>>> Review appreciated.
>> Reviewed-by: Andrew Bartlett <abartlet at samba.org>
>>
>> Can I get a second team reviewer please?
>>
>> Thanks,
>>
>> Andrew Bartlett
>>

-------------- next part --------------
From 11a9f504ad4bcad295744b15559a510907f2761c Mon Sep 17 00:00:00 2001
From: Tim Beale <timbeale at catalyst.net.nz>
Date: Fri, 15 Jun 2018 11:54:37 +1200
Subject: [PATCH] remove_dc: Fix removal of an old Windows DC

Windows has 'CN=DNS Settings' child object underneath the Server object.
This was causing the removal of the server object in remove_dc() to
fail.

Noticed this problem while testing the backup/restore tool manually
against a Windows VM.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13484

Signed-off-by: Tim Beale <timbeale at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
---
 python/samba/remove_dc.py | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/python/samba/remove_dc.py b/python/samba/remove_dc.py
index b9726f5..d190461 100644
--- a/python/samba/remove_dc.py
+++ b/python/samba/remove_dc.py
@@ -240,8 +240,9 @@ def offline_remove_server(samdb, logger,
         dnsHostName = None
 
     if remove_server_obj:
-        # Remove the server DN
-        samdb.delete(server_dn)
+        # Remove the server DN (do a tree-delete as it could still have a
+        # 'DNS Settings' child object if it's a Windows DC)
+        samdb.delete(server_dn, ["tree_delete:0"])
 
     if computer_dn is not None:
         computer_msgs = samdb.search(base=computer_dn,
-- 
2.7.4

More information about the samba-technical mailing list