[Samba] samba4 replication issues | sam.ldb inconsistency
Marc Muehlfeld
mmuehlfeld at samba.org
Tue Jul 15 13:30:25 MDT 2014
Am 15.07.2014 21:14, schrieb heupink, mourik jan c:
>> If you replication isn't working any more - and you can't get it fixed -
>> you should shutdown your DC1 and seize the roles on your remaining DCs:
>> https://wiki.samba.org/index.php/Flexible_Single-Master_Operations_%28FSMO%29_roles#Seizing_a_FSMO_role
> Should I try to transfer roles first?
Try transfering it first.
The roles are basically just values in the AD. Depending on the
remaining working replication, we will see if it works.
>> But you should make sure, that DC1 doesn't come back, because the five
>> roles must not exist twice in your domain/forest (depending on the role).
> Right. In case the role seize works out, I have to get rid of my current dc1.
> But I guess I CAN create a NEW install, call it dc1, and join it as a new domain controller?
>
> (i mean: the name dc1 in our domain is not 'contaminated' or so, it's just this specific samba installation called dc1 that should never appear again?)
You have to demote the broken DC:
https://wiki.samba.org/index.php/Demote_a_Samba_DC
You should try this first, to get old GUIDs, etc. out of your directory.
But demoting with samba-tool only works on the DC, you want to demote
currently. Demoting foreing DCs doesn't work (see the linked bug report).
If the demote was successful, you should be able to join the fresh DC1
again.
Regards,
Marc
More information about the samba
mailing list