[Samba] Demote Win2008R2 DC Fail

Rowland penny rpenny at samba.org
Mon Jul 11 19:50:26 UTC 2016 

On 11/07/16 20:04, Anderson Hoffmann do Carmo wrote:
> I am transfer using 'samba-tool fsmo transfer --role=all

Unless you added '-UAdministrator --password=PASSWORD' to the above 
command (or another user will the required permissions), you wouldn't 
have transferred the DNS roles.

> I am try demote Windows using DCPROMO.EXE on Windows Server

Have you tried (once you are sure all 7 FSMO roles have been 
transferred) turning off the windows server and then running 'samba-tool 
domain demote --remove-other-dead-server=REMOVE_OTHER_DEAD_SERVER 
-UAdministrator --password=PASSWORD'.

Before doing any of the above, I would check if everything is ok in the 
AD on your Samba 4 AD DC.

You also didn't say if 'samba-tool fsmo show' shows all your 7 FSMO 
roles without errors.

Rowland

> The output of command, no errors. (CN=GTESTE2 = Samba DC)
>
>     root at gteste2:/anderson#
>     root at gteste2:/anderson# *samba-tool fsmo show*
>     SchemaMasterRole owner: CN=NTDS
>     Settings,CN=GTESTE2,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=testead,DC=gsurfnet,DC=com
>     InfrastructureMasterRole owner: CN=NTDS
>     Settings,CN=GTESTE2,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=testead,DC=gsurfnet,DC=com
>     RidAllocationMasterRole owner: CN=NTDS
>     Settings,CN=GTESTE2,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=testead,DC=gsurfnet,DC=com
>     PdcEmulationMasterRole owner: CN=NTDS
>     Settings,CN=GTESTE2,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=testead,DC=gsurfnet,DC=com
>     DomainNamingMasterRole owner: CN=NTDS
>     Settings,CN=GTESTE2,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=testead,DC=gsurfnet,DC=com
>     DomainDnsZonesMasterRole owner: CN=NTDS
>     Settings,CN=GTESTE2,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=testead,DC=gsurfnet,DC=com
>     ForestDnsZonesMasterRole owner: CN=NTDS
>     Settings,CN=GTESTE2,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=testead,DC=gsurfnet,DC=com
>     root at gteste2:/anderson#
>
> ​ Thanks,​
>
> ​ Anderson Hoffmann
>
>
>
> 2016-07-11 15:47 GMT-03:00 Rowland penny <rpenny at samba.org 
> <mailto:rpenny at samba.org>>:
>
>     On 11/07/16 19:26, Anderson Hoffmann do Carmo wrote:
>
>         Hi.
>
>         I am using a Windows Server 2008R2 as primary DC and a Ubuntu
>         Server 16.04
>         as secundary DC with Samba 4.3.9 (from repository/apt-get)
>         I am transfered FSMO rules to Samba and I am try to demote
>         Windows, but
>         fail!
>
>
>     How did you transfer the FSMO roles ?
>     What 'tool' did you use ?
>
>         The error is:
>
>         The operation failed:
>         The active directory domain services could not find another domain
>         controller to transfer the remaining data on the partition
>         DC=DomainDnsZones,DC=testead,DC=minhaempresa,DC=com
>         "the specified domain does not exist or can not be contacted"
>
>
>     Have you tried running 'samba-tool fsmo show' in a terminal on the
>     Samba DC ?
>     If so, does it show all 7 FSMO role owners or does it end with an
>     error message ?
>
>     Rowland
>
>         ​Any ideia?
>
>         ​The Samba DC it's OK and operational
>
>
>
>         Anderson Hoffmann
>
>
>
>     -- 
>     To unsubscribe from this list go to the following URL and read the
>     instructions: https://lists.samba.org/mailman/options/samba
>
>

More information about the samba mailing list