[Samba] Win2003 DC fails to detect Samba 4 DC

Matthieu Patou mat at samba.org
Mon Jul 15 10:47:34 MDT 2013 

On 07/13/2013 02:08 PM, Garth Keesler wrote:
> Well, I read several threads on this issue but none solved what I have 
> going so I'll re-ask the question: Should I be able to join a Samba 
> 4.0.7 server to a Windows 2003R2 AD that has been raised to the forest 
> level of 2003 and then be able to demote the Win DC? As stated below, 
> the Win Admin tools recognize the Samba DC as one of two DCs in the 
> domain but the Win DC will not recognize Samba as such when trying to 
> demote the Win DC. The FSMO roles will move to the Samba server but 
> the DNS MMC will not recognize the Samba DC as a DC either.
Normally it should be the case, I would have a look at the samba box for 
error related to DNS (ie. impossible to bind on port 53). Which kind of 
DNS setup do you have ? (internal, bind 9.x dlz, flat file) ?

Which DNS server ip the *nix box running Samba 4.0.x is using ?
> Is there an easy way to orphan the Win DC after just shutting it down? 
> I'd be willing to do that.
Yes. From the Active Directory User and Computer you select the DC and 
remove it, you might have to go to Active Directory Domain and Site and 
remove the links to the old DC as well.

But if the s4 DC is working well the demote should work well.

Matthieu
>
> Thanx,
> Garth
>
>
> On 07/13/2013 11:17 AM, Garth Keesler wrote:
>> Starting over and following a couple of threads on this topic so 
>> please ignore.
>>
>> Thanx,
>> Garth
>>
>> On 07/13/2013 08:49 AM, Garth Keesler wrote:
>>> I have an (apparently) valid Samba4 DC to which I have transferred 
>>> all FSMO roles in preparation for running dcpromo and demoting the 
>>> Win DC. All of the logs look good on the Samba DC and showrepl 
>>> indicates no errors. Unfortunately, the Win DC does not seem to 
>>> detect the Samba DC when I attempt to run dcpromo and it throws a 
>>> nasty warning about AD data being lost. If I run Sites and Services, 
>>> both DCs show up and are viewable. Also, in Users and Computers, 
>>> both DCs correctly show up in Domain Controllers.
>>>
>>> Not sure what to do next. Help appreciated.
>>>
>>> Thanx,
>>> Garth
>>
>


-- 
Matthieu Patou
Samba Team
http://samba.org

More information about the samba mailing list