[Samba] Samba fsmo/demote/unjoin trouble after crash
Giedrius
giedrius+samba at su.lt
Mon May 13 06:21:49 MDT 2013
Hi all,
i've got initial setup on DC1 (4.0.1)... all working good and flawless
Added additional geographically distributed controllers (DC2, DC3,
DC4,DC5) with 4.0.5 - no problem.
All PC's can connect to their own site/DC
Transferred all FSMO's to DC2 - transferred successfully (with
seize "error" bug)
DC1 crashed badly.... during maintenance, SAMBA was updated to
4.0.5, data restored from backup.
Now, the problem is:
1) DC1 sees itself as owner of all FSMO's, although DC[2,3,4,5]
sees DC2 as owner of FSMO's
3) DC1 is missing some users (created between backup and crash),
wbinfo for these users return E_DOMAIN_NOT_FOUND
4) Got "decrypt integrity check failed" errors, fixed with
chtdcpass, witch not results to "Failed to find HOST$#DOMAIN(kvno)"
(client reboot seems to fix this)
4) any attempt to replicate missing information from DC2/DC3 to
DC1 (samba-tool drs replicate) results in errors after it (cannot find
own NTDS)
5) impossible to demote / unjoin server and provision from
scratch - some DRS errors
Question is:
how can i change FSMO owner (ldbedit ?) on DC1 to be DC2 and then:
a) replicate missing users (and computer trust accounts) to DC1
b) force removing DC1 from domain for good ( reinstall from
scratch )
Domain as a whole recreation from scratch is sadly *not* an option :(
More information about the samba
mailing list