[Samba] How to keep samba4 dc work fine when windows dc offline?

Antun Horvat antun.horvat at radio101.hr
Mon Nov 18 02:41:26 MST 2013


That also happened to me, so I had to remove the controller manually.

First you need to remove win dc records from the "sites and services", 
and then from the "users and computers" application.
After that is done, you need to remove it's records from the DNS, and 
optionally update the zone SOA record.

On 11/18/2013 10:34 AM, Sense Zeng wrote:
> How could I remove the Win2003 DC? I try to run dcpromo in
> Win2003 DC, it aways tell me:
>
> The operation failed because:
> Active Directory could not find another domain controller to transfer 
> the remaining data in directory partition 
> DC=ForestDnsZones,DC=dotest,DC=com.
> "The specified domain either does not exist or could not be contacted."
>
> And there are following errors log by the Samba4 DC log.samba:
>
> ...
> [2013/11/15 10:52:56.646808,  0] 
> ../source4/dsdb/repl/drepl_out_helpers.c:840(dreplsrv_update_refs_done)
>   UpdateRefs failed with WERR_DS_DRA_BUSY/NT code 0xc00020f6 for 
> de9d1c2e-5584-4b33-b99d-330ae93b9d9d._msdcs.dotest.com 
> <http://msdcs.dotest.com> CN=Schema,CN=Configuration,DC=dotest,DC=com
> [2013/11/15 10:52:57.106829,  0] 
> ../source4/dsdb/repl/drepl_out_helpers.c:840(dreplsrv_update_refs_done)
>   UpdateRefs failed with WERR_DS_DRA_BUSY/NT code 0xc00020f6 for 
> de9d1c2e-5584-4b33-b99d-330ae93b9d9d._msdcs.dotest.com 
> <http://msdcs.dotest.com> CN=Configuration,DC=dotest,DC=com
> [2013/11/15 10:52:58.301792,  0] 
> ../source4/dsdb/repl/drepl_out_helpers.c:840(dreplsrv_update_refs_done)
>   UpdateRefs failed with WERR_DS_DRA_BUSY/NT code 0xc00020f6 for 
> de9d1c2e-5584-4b33-b99d-330ae93b9d9d._msdcs.dotest.com 
> <http://msdcs.dotest.com> DC=dotest,DC=com
> ...
>
>
> 2013/11/18 Antun Horvat <antun.horvat at radio101.hr 
> <mailto:antun.horvat at radio101.hr>>
>
>     I had the same problem
>
>     When windows 2k3 was offline, domain logons were very slow.
>     The issue was that DFS folders (sysvol and netlogon) were
>     accessible only when certain timeout expired (about 30 sec) and
>     then I could access that folder. After I have removed windows DC
>     records from the domain, everything went back to normal.
>
>
>
>
>     On 11/18/2013 03:42 AM, Sense Zeng wrote:
>
>         I'm testing a samba4 server join AD (had 1 win2003 dc) as dc.
>         Version:
>         Samba4 DC: samba 4.1.1 with ubuntu (172.16.3.8)
>         Win2003 DC: Win2003 SP2 (172.16.3.3)
>         AD domain name: dotest.com <http://dotest.com>
>
>         The samba server had joined to AD as DC. When win2003 dc
>         online, it seems
>         works fine.
>         When I test win2003 dc online, simulate the win2003 DC was
>         failue, found
>         the samba4 DC can't work fine along. The AD client logon has
>         been very
>         slow. And there are error log in the samba4 dc log file
>         /usr/local/samba/var/log.samba:
>
>         ...
>         [2013/11/18 09:55:57.147627,  0]
>         ../source4/librpc/rpc/dcerpc_sock.c:256(continue_socket_connect)
>            Failed to connect host 172.16.3.3 on port 135 -
>         NT_STATUS_HOST_UNREACHABLE
>         [2013/11/18 09:55:57.148011,  0]
>         ../source4/librpc/rpc/dcerpc_sock.c:419(continue_ip_open_socket)
>            Failed to connect host 172.16.3.3
>         (880d3cbe-93a7-4e9d-a286-62b54a73a6ea._
>         msdcs.dotest.com <http://msdcs.dotest.com>) on port 135 -
>         NT_STATUS_HOST_UNREACHABLE.
>         [2013/11/18 09:56:00.147628,  0]
>         ../source4/librpc/rpc/dcerpc_sock.c:256(continue_socket_connect)
>            Failed to connect host 172.16.3.3 on port 135 -
>         NT_STATUS_HOST_UNREACHABLE
>         [2013/11/18 09:56:00.148012,  0]
>         ../source4/librpc/rpc/dcerpc_sock.c:419(continue_ip_open_socket)
>            Failed to connect host 172.16.3.3
>         (880d3cbe-93a7-4e9d-a286-62b54a73a6ea._
>         msdcs.dotest.com <http://msdcs.dotest.com>) on port 135 -
>         NT_STATUS_HOST_UNREACHABLE.
>         ...
>
>         172.16.3.3 is the Win2003 DC
>
>         and my smb.conf setting is:
>
>         [global]
>                  workgroup = DOTEST
>                  realm = dotest.com <http://dotest.com>
>                  netbios name = GREEN
>                  server role = active directory domain controller
>                  server services = s3fs, rpc, nbt, wrepl, ldap, cldap,
>         kdc, drepl,
>         winbind, ntp_signd, kcc, dnsupdate
>                  wins support = Yes
>         [netlogon]
>                  path =
>         /usr/local/samba/var/locks/sysvol/dotest.com/scripts
>         <http://dotest.com/scripts>
>                  read only = No
>         [sysvol]
>                  path = /usr/local/samba/var/locks/sysvol
>                  read only = No
>
>         I wanna keep the samba4 dc work fine when win2003 dc offline?
>         What should I
>         do?
>
>     -- 
>     To unsubscribe from this list go to the following URL and read the
>     instructions: https://lists.samba.org/mailman/options/samba
>
>



More information about the samba mailing list