[Samba] Demote Win2008R2 DC Fail

Anderson Hoffmann do Carmo anderson.hoffmann at gsurfnet.com
Tue Jul 12 19:15:04 UTC 2016 

Hi Jason/Rowland

Great news! the following procedure worked perfectly...
I added at the end "Remove manually Windows DC entries in DNS"
The script used in step 9 was "
https://gallery.technet.microsoft.com/scriptcenter/d31f091f-2642-4ede-9f97-0e1cc4d577f3
"

*Very thanks for all!*


Anderson Hoffmann do Carmo
MCP | MTA | MCDST | MCTS | MCSA | MS | MOS |
ITIL-F | ISFS | CLOUDF | CI-SCS | VCA-DCV |



2016-07-12 9:55 GMT-03:00 Anderson Hoffmann do Carmo <
anderson.hoffmann at gsurfnet.com>:

> I will test this
> Thanks ;-)
>
> Anderson Hoffmann do Carmo
> MCP | MTA | MCDST | MCTS | MCSA | MS | MOS |
> ITIL-F | ISFS | CLOUDF | CI-SCS | VCA-DCV |
>
>
>
> 2016-07-12 9:45 GMT-03:00 Rowland penny <rpenny at samba.org>:
>
>> On 12/07/16 13:33, Jason Waters wrote:
>>
>>> This is what I would do.
>>>
>>> 1. Make sure everything is off of the 2008 machine so you don't need to
>>> turn it back on
>>> 2. Shut down the 2008 machine
>>> 2.5 Update your DNS on the samba machine to be the samba machine, not the
>>> 2008 DC
>>> 3. Test everything and make sure samba is fully working on your domain
>>> 4. Test everything again
>>> 5. Test!
>>> 6. Seize the roles on your samba machine, samba-tool fsmo seize --force
>>> --role=all -Uadministrator
>>>           I don't think you need the -U, but just in case
>>>
>>
>> Yes you do, it is required if you are transferring or seizing the DNS
>> FSMO roles.
>>
>> 7. Reboot that machine and make sure everything looks good
>>> 8. make sure samba-tool fsmo show, shows all 7 roles of the samba machine
>>> 9. From a workstation, run the Metadata clean.vbs script.  This will
>>> remove
>>> the replication to the now off 2008 DC
>>>
>>
>> This is what 'samba-tool domain demote
>> --remove-other-dead-server=REMOVE_OTHER_DEAD_SERVER' does on Samba 4.4.0 up
>>
>> Rowland
>>
>> 10. Reboot the samba box
>>> 11. run samba-tool drs showrepl and it shouldn't show any partners
>>> 12. Once that is done you should just have samba.  You can then add more
>>> DC's with
>>>
>>> samba-tool domain join domain.local DC -UAdministrator
>>>
>>> and any other options you need.
>>>
>>>
>>>
>>>
>>
>> --
>> To unsubscribe from this list go to the following URL and read the
>> instructions:  https://lists.samba.org/mailman/options/samba
>>
>
>

More information about the samba mailing list