[Samba] Trouble demoting DC with broken replication

Andreas Oster aoster at novanetwork.de
Sat May 24 02:00:21 MDT 2014


Am 19.05.2014 19:09, schrieb Marc Muehlfeld:
> Hello Andreas,
> 
> Am 19.05.2014 12:26, schrieb Andreas Oster:
>> Do you / does anybody have an idea how to get rid of those orphaned
>> entries ?
> 
> 
> Two weeks ago I wrote the 'Demote a DC' HowTo
> (https://wiki.samba.org/index.php/Demote_a_Samba_DC#Demote_a_DC_that_isn.27t_accessable_any_more).
> 
> While doing researches and testings for the HowTo, it turned out, that
> currently there seems to be no way (samba-tool or the usual Windows
> ways) to demote a lost DC and cleanup the metadata.
> 
> I created a bug report about that:
> https://bugzilla.samba.org/show_bug.cgi?id=10595
> 
> I guess the only way would be to manually find the stuff inside the AD
> and remove it manually via ldbedit. But I really would be afraid of that!
> 
> An other idea I had, would be to temporary join a machine with the same
> name/IP as DC and then demote it with samba-tool. After that maybe less
> directory entries have to be removed (like the ophaned objectGUID
> entries). But this was just an idea and I wanted to try it in my test
> environment. But I think it would be a risky way and should be not
> recommend.
> 
> I think this is a very serious problem/bug!
> 
> 
> Regards,
> Marc
> 
> 
Hello Marc,

by downgrading samba4 from latest 4.2 git to latest stable 4.1 I got rid
of the orphaned entries and it seems that also the RDP issue I had with
Windows 7 machines is gone now.

It seems that currently the samba 4.2 git development tree is not usable.

Thank you for your kind help


best regards

Andreas


More information about the samba mailing list