[Samba] Need another workaround for FSMO transfer problem

John Lewis oflameo2 at gmail.com
Wed Jun 10 17:20:42 MDT 2015


On 05/28/2015 04:18 AM, Rowland Penny wrote:
> On 28/05/15 01:33, John Lewis wrote:
>> On 05/26/2015 07:34 AM, Rowland Penny wrote:
>>> On 26/05/15 03:05, John Lewis wrote:
>>>> https://wiki.samba.org/index.php/Flexible_Single-Master_Operations_%28FSMO%29_roles#Transfering_a_FSMO_role
>>>>
>>>>
>>>>
>>>> I ran into that while trying to rebuild my LXC's as Debian 8. The
>>>> proposed work arrounds assume you have access to a Windows Domain
>>>> controller in your domain, and I don't. Is there anything else I
>>>> can do
>>>> to get all 7 Roles moved to my other domain controller so I can
>>>> rebuild it?
>>> Funny you should say that, I have a patch pending to show all 7 modes
>>> and to seize them, I am also working on the transfer, but this seems
>>> to be a lot more complex and is proving troublesome.
>>>
>>> Rowland
>>>
>> Can you link me to your patches so that I may rebuild my samba packages
>> with them applied or learn what the seizing process is so I can complete
>> it by editing the ldap tree with ldbedit? Perhaps I should check the
>> development mailing list.
>
> Yes, it is on the technical list, starting here:
> https://lists.samba.org/archive/samba-technical/2015-May/107448.html
>
> The patch has morphed into just showing & siezing the 7 roles,
> transferring the two dns roles is much more complex than what I
> originally thought. The problem is that Microsoft (in their wisdom)
> provides a mechanism to transfer the 5 roles that everybody knows
> about, but not for the two dns roles. You need to delete the role on
> the DC that holds it, then recreate it, but this time pointing at the
> new role owner, this all needs to be done from the new role owner, you
> then need to kickstart replication of the role. I have got everything
> working apart from the replication (I think)
>
> Rowland
>

I don't know if this has got too advanced for the user list, but I tried
applying your patch to the source package in Debian and here is my result.

> john at thunderguard:~/Programming/not-mine/samba-4.1.17+dfsg/debian/patches$
> quilt push fsmo.patch
> Applying patch ../patches/05_share_ldb_module
> can't find file to patch at input line 4
> Perhaps you used the wrong -p or --strip option?
> The text leading up to this was:
> --------------------------
> |=== modified file 'source4/param/wscript_build'
> |--- a/source4/param/wscript_build
> |+++ b/source4/param/wscript_build
> --------------------------
> No file to patch.  Skipping patch.
> 2 out of 2 hunks ignored
> Patch ../patches/05_share_ldb_module does not apply (enforce with -f)


I would like to get this built in so I can migrate my Domain Controller
so I can finally finish my OS upgrade s so I can work on my front end stuff.




More information about the samba mailing list