[Samba] remove dead server (samba 4.4.4)
Vinicius Bones Silva
vbs at e-trust.com.br
Fri Dec 16 17:50:06 UTC 2016
Hi,
I'm trying to remove a DC from a site we have shutdown. The demote command is
throwing up this message:
[root at aragorn ~]# samba-tool domain demote --remove-other-dead-server=pippin
Removing nTDSConnection: CN=eca08dbb-1f34-476e-96dd-33ec22b2bc94,CN=NTDS
Settings,CN=GANDALF,CN=Servers,CN=SAOPAULO,CN=Sites,CN=Configuration,DC=e-trust,DC=com,DC=br
Removing nTDSDSA: CN=NTDS
Settings,CN=PIPPIN,CN=Servers,CN=TOBIAS,CN=Sites,CN=Configuration,DC=e-trust,DC=com,DC=br
(and any children)
Removing RID Set: CN=RID Set,CN=PIPPIN,OU=Domain Controllers,DC=e-trust,DC=com,DC=br
Removing computer account: CN=PIPPIN,OU=Domain Controllers,DC=e-trust,DC=com,DC=br (and
any child objects)
Removing Samba-specific DNS service account: CN=dns-pippin,CN=Users,DC=e-trust,DC=com,DC=br
updating DomainDnsZones.e-trust.com.br keeping 3 values, removing 1 values
updating ForestDnsZones.e-trust.com.br keeping 3 values, removing 1 values
updating e-trust.com.br keeping 8 values, removing 1 values
updating
DC=_ldap._tcp.TOBIAS._sites.DomainDnsZones,DC=e-trust.com.br,CN=MicrosoftDNS,DC=DomainDnsZones,DC=e-trust,DC=com,DC=br
keeping 0 values, removing 1 values
updating
DC=_ldap._tcp.TOBIAS._sites.ForestDnsZones,DC=e-trust.com.br,CN=MicrosoftDNS,DC=DomainDnsZones,DC=e-trust,DC=com,DC=br
keeping 0 values, removing 1 values
ERROR(<type 'exceptions.TypeError'>): uncaught exception - __ndr_unpack__() argument 1
must be string or read-only buffer, not dnsp.DnssrvRpcRecord
File "/usr/lib64/python2.7/site-packages/samba/netcmd/__init__.py", line 175, in _run
return self.run(*args, **kwargs)
File "/usr/lib64/python2.7/site-packages/samba/netcmd/domain.py", line 720, in run
remove_dc.remove_dc(samdb, logger, remove_other_dead_server)
File "/usr/lib64/python2.7/site-packages/samba/remove_dc.py", line 423, in remove_dc
remove_dns_account=True)
File "/usr/lib64/python2.7/site-packages/samba/remove_dc.py", line 351, in
offline_remove_ntds_dc
remove_dns_account=remove_dns_account)
File "/usr/lib64/python2.7/site-packages/samba/remove_dc.py", line 266, in
offline_remove_server
remove_dns_references(samdb, logger, dnsHostName)
File "/usr/lib64/python2.7/site-packages/samba/remove_dc.py", line 186, in
remove_dns_references
for v in values if not to_remove(v) ]
File "/usr/lib64/python2.7/site-packages/samba/remove_dc.py", line 160, in to_remove
dnsRecord = ndr_unpack(dnsp.DnssrvRpcRecord, value)
File "/usr/lib64/python2.7/site-packages/samba/ndr.py", line 45, in ndr_unpack
object.__ndr_unpack__(data, allow_remaining=allow_remaining)
A transaction is still active in ldb context [0x1953490] on
tdb:///var/lib/samba/private/sam.ldb
The pippin server still shows up in the Domain controllers list and site list. Is there
anything I can do to complete the removal?
The samba version is 4.4.4:
[root at aragorn ~]# rpm -qa |grep -i samba
sernet-samba-client-4.4.4-1.el7.x86_64
sernet-samba-common-4.4.4-1.el7.x86_64
sernet-samba-libsmbclient0-4.4.4-1.el7.x86_64
sernet-samba-4.4.4-1.el7.x86_64
sernet-samba-ad-4.4.4-1.el7.x86_64
sernet-samba-libs-4.4.4-1.el7.x86_64
sernet-samba-winbind-4.4.4-1.el7.x86_64
And I'm using named as the DNS backend.
Regards,
--
Vinicius Silva
SOC
BRA: + 55 51 2117.1000 | 55 11 5521.2021
USA: + 1 888 259.5801
vbs at e-trust.com.br
skype: vinicius.bones.silva
Smiley face
www.e-trust.com.br <http://www.e-trust.com.br/>
Esta mensagem pode conter informações confidenciais ou privilegiadas. Se você recebeu esta
mensagem por engano, você não deve usar, copiar, divulgar ou tomar qualquer atitude com
base nestas informações. Solicitamos que você apague a mensagem imediatamente e avise a
E-TRUST, enviando um e-mail para suporte at e-trust.com.br. Opiniões, conclusões ou
informações contidas nesta mensagem não necessariamente refletem a posição oficial da
E-TRUST. Caso assinada digitalmente, a autenticidade desta mensagem pode ser confirmada
pela Autoridade Certificadora Privada E-TRUST, disponível em www.e-trust.com.br.
This message may contain privileged and confidential information for the use of the
intended recipients only. If you are not an intended recipient then you should not
disseminate, copy, or take any action based on its contents. If you have received this
message in error then please notify E-TRUST by sending an e-mail message to
suporte at e-trust.com.br immediately. Views and opinions expressed in this message do not
necessarily reflect the position of E-TRUST. If this message is digitally signed, its
authenticity can be confirmed by E-TRUST Private Certificate Authority, available at
www.e-trust.com.br.
More information about the samba
mailing list