[Samba] 4th DC Unable to Replicate - WERR_DS_DRA_ACCESS_DENIED
Marc Muehlfeld
mmuehlfeld at samba.org
Mon Oct 5 08:29:21 UTC 2015
Hello David,
Am 01.10.2015 um 02:24 schrieb David Minard:
> I don't know if running the domain join again is a good idea, or if
> that will break more stuff....
If the DC has the same name, it should be no problem. samba-tool check
for existing entries and removes them before re-adding. Looks like this
then: https://cpaste.org/p2t5huhmm (Line 8-14).
Two things are to mention about this procedure: After the join, the DC
has a new GUID. This means that you have to remove the old
GUID._msdcs.samdom.example.com DNS record and add the right one (the
latter you have to do anyway when joining a DC at the moment. See
https://wiki.samba.org/index.php/Check_and_fix_DNS_entries_on_DC_joins#Resolve_the_objectGUID_CNAME_record_of_the_new_joined_Domain_Controller)
https://wiki.samba.org/index.php/DNS_administration#Delete_a_record_2
shows you how to delete a record.
Of course, you should create a working backup before and do good testing
afterwards! ;-)
Regards,
Marc
More information about the samba
mailing list