[Samba] Need another workaround for FSMO transfer problem
Rowland Penny
rowlandpenny at googlemail.com
Thu May 28 02:18:06 MDT 2015
On 28/05/15 01:33, John Lewis wrote:
> On 05/26/2015 07:34 AM, Rowland Penny wrote:
>> On 26/05/15 03:05, John Lewis wrote:
>>> https://wiki.samba.org/index.php/Flexible_Single-Master_Operations_%28FSMO%29_roles#Transfering_a_FSMO_role
>>>
>>>
>>> I ran into that while trying to rebuild my LXC's as Debian 8. The
>>> proposed work arrounds assume you have access to a Windows Domain
>>> controller in your domain, and I don't. Is there anything else I can do
>>> to get all 7 Roles moved to my other domain controller so I can
>>> rebuild it?
>> Funny you should say that, I have a patch pending to show all 7 modes
>> and to seize them, I am also working on the transfer, but this seems
>> to be a lot more complex and is proving troublesome.
>>
>> Rowland
>>
> Can you link me to your patches so that I may rebuild my samba packages
> with them applied or learn what the seizing process is so I can complete
> it by editing the ldap tree with ldbedit? Perhaps I should check the
> development mailing list.
Yes, it is on the technical list, starting here:
https://lists.samba.org/archive/samba-technical/2015-May/107448.html
The patch has morphed into just showing & siezing the 7 roles,
transferring the two dns roles is much more complex than what I
originally thought. The problem is that Microsoft (in their wisdom)
provides a mechanism to transfer the 5 roles that everybody knows about,
but not for the two dns roles. You need to delete the role on the DC
that holds it, then recreate it, but this time pointing at the new role
owner, this all needs to be done from the new role owner, you then need
to kickstart replication of the role. I have got everything working
apart from the replication (I think)
Rowland
More information about the samba
mailing list