[Samba] Demote Win2008R2 DC Fail
Jason Waters
jason at geeknocity.com
Mon Jul 11 20:06:04 UTC 2016
It did show that he had all 7 but that is a good point. I would shutdown
the 2008 server and make sure users can login, etc....
On Mon, Jul 11, 2016 at 3:50 PM, Rowland penny <rpenny at samba.org> wrote:
> On 11/07/16 20:04, Anderson Hoffmann do Carmo wrote:
>
>> I am transfer using 'samba-tool fsmo transfer --role=all
>>
>
> Unless you added '-UAdministrator --password=PASSWORD' to the above
> command (or another user will the required permissions), you wouldn't have
> transferred the DNS roles.
>
> I am try demote Windows using DCPROMO.EXE on Windows Server
>>
>
> Have you tried (once you are sure all 7 FSMO roles have been transferred)
> turning off the windows server and then running 'samba-tool domain demote
> --remove-other-dead-server=REMOVE_OTHER_DEAD_SERVER -UAdministrator
> --password=PASSWORD'.
>
> Before doing any of the above, I would check if everything is ok in the AD
> on your Samba 4 AD DC.
>
> You also didn't say if 'samba-tool fsmo show' shows all your 7 FSMO roles
> without errors.
>
> Rowland
>
> The output of command, no errors. (CN=GTESTE2 = Samba DC)
>>
>> root at gteste2:/anderson#
>> root at gteste2:/anderson# *samba-tool fsmo show*
>> SchemaMasterRole owner: CN=NTDS
>>
>> Settings,CN=GTESTE2,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=testead,DC=gsurfnet,DC=com
>> InfrastructureMasterRole owner: CN=NTDS
>>
>> Settings,CN=GTESTE2,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=testead,DC=gsurfnet,DC=com
>> RidAllocationMasterRole owner: CN=NTDS
>>
>> Settings,CN=GTESTE2,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=testead,DC=gsurfnet,DC=com
>> PdcEmulationMasterRole owner: CN=NTDS
>>
>> Settings,CN=GTESTE2,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=testead,DC=gsurfnet,DC=com
>> DomainNamingMasterRole owner: CN=NTDS
>>
>> Settings,CN=GTESTE2,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=testead,DC=gsurfnet,DC=com
>> DomainDnsZonesMasterRole owner: CN=NTDS
>>
>> Settings,CN=GTESTE2,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=testead,DC=gsurfnet,DC=com
>> ForestDnsZonesMasterRole owner: CN=NTDS
>>
>> Settings,CN=GTESTE2,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=testead,DC=gsurfnet,DC=com
>> root at gteste2:/anderson#
>>
>> Thanks,
>>
>> Anderson Hoffmann
>>
>>
>>
>> 2016-07-11 15:47 GMT-03:00 Rowland penny <rpenny at samba.org <mailto:
>> rpenny at samba.org>>:
>>
>>
>> On 11/07/16 19:26, Anderson Hoffmann do Carmo wrote:
>>
>> Hi.
>>
>> I am using a Windows Server 2008R2 as primary DC and a Ubuntu
>> Server 16.04
>> as secundary DC with Samba 4.3.9 (from repository/apt-get)
>> I am transfered FSMO rules to Samba and I am try to demote
>> Windows, but
>> fail!
>>
>>
>> How did you transfer the FSMO roles ?
>> What 'tool' did you use ?
>>
>> The error is:
>>
>> The operation failed:
>> The active directory domain services could not find another domain
>> controller to transfer the remaining data on the partition
>> DC=DomainDnsZones,DC=testead,DC=minhaempresa,DC=com
>> "the specified domain does not exist or can not be contacted"
>>
>>
>> Have you tried running 'samba-tool fsmo show' in a terminal on the
>> Samba DC ?
>> If so, does it show all 7 FSMO role owners or does it end with an
>> error message ?
>>
>> Rowland
>>
>> Any ideia?
>>
>> The Samba DC it's OK and operational
>>
>>
>>
>> Anderson Hoffmann
>>
>>
>>
>> -- To unsubscribe from this list go to the following URL and read
>> the
>> instructions: https://lists.samba.org/mailman/options/samba
>>
>>
>>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/options/samba
>
More information about the samba
mailing list