[Samba] Samba 4.4.2 AD DC demote fails

Andrew Bartlett abartlet at samba.org
Sat Apr 30 19:33:14 UTC 2016

On Sat, 2016-04-30 at 16:09 +0100, Miguel Medalha wrote:
> > The brute force removal really isn't as bad as it seems, if you
> > have
> > got all the data off the DC first and turned it off.  Indeed, it is
> > actually more correct and more tested, cleaning up more of the
> > right
> > things.
> What raises my doubts here is that I need to use the demoted server
> as a 
> member server, and I would need to keep its name because it hosts the
> users' profiles and some other resources that have lots of GPOs
> pointing 
> to. The editing needed to accommodate a change of name would be 
> extensive and prone to error. Also, I don't have much time to do it,
> the 
> resources are scarse and the system needs to be in production again.
> The 
> Samba Wiki contains dire warnings about never ever connect to the 
> network again a DC removed by brute force. Will it be ok if it is
> joined 
> again as a member server with the same name? I fear that the cleaning
> done by "--remove-other-dead-server" may leave some residue  that
> will 
> later wreak havoc on the working of the AD.

On the contrary, it will clean it up better, that is what I wrote it to
do :-).  Just run that, and then join as a member server, it will be
fine.  (Certainly more fine than then 'online' demote in any case).

> > In any case, I found and fixed the issue you hit last week, the
> > patch
> > is at https://bugzilla.samba.org/show_bug.cgi?id=11882
> Ok, thank you! I will surelly give it a try.
> > The syntax error should then go away (bug I have a patch for that
> > as
> > well, it is on samba-technical if you are curious).
> Of course I am, more than curious! I can search for it, unless you
> give 
> a pointer.


> Thank you for your reply. This is robbing me much needed sleep time.

No worries.  Hopefully you now have what you need.

Andrew Bartlett

Andrew Bartlett                       http://samba.org/~abartlet/
Authentication Developer, Samba Team  http://samba.org
Samba Developer, Catalyst IT          http://catalyst.net.nz/services/samba

More information about the samba mailing list