[Samba] Unable to demote DC

[Chris Hastie]

I'm trying to remove a DC from a Samba4 based AD network, but run into 
an error that I can't fathom. Can anyone point me in the right direction?

# samba-tool domain demote -Uadministrator
GENSEC backend 'gssapi_spnego' registered
GENSEC backend 'gssapi_krb5' registered
GENSEC backend 'gssapi_krb5_sasl' registered
GENSEC backend 'spnego' registered
GENSEC backend 'schannel' registered
GENSEC backend 'naclrpc_as_system' registered
GENSEC backend 'sasl-EXTERNAL' registered
GENSEC backend 'ntlmssp' registered
GENSEC backend 'http_basic' registered
GENSEC backend 'http_ntlm' registered
GENSEC backend 'krb5' registered
GENSEC backend 'fake_gssapi_krb5' registered
Using SOGO3.ad.oak-wood.co.uk as partner server for the demotion
Using binding ncacn_ip_tcp:SOGO3.ad.oak-wood.co.uk[,seal]
resolve_lmhosts: Attempting lmhosts lookup for name 
SOGO3.ad.oak-wood.co.uk<0x20>
resolve_lmhosts: Attempting lmhosts lookup for name 
SOGO3.ad.oak-wood.co.uk<0x20>
Password for [NUMBER37\administrator]:
Deactivating inbound replication
Asking partner server SOGO3.ad.oak-wood.co.uk to synchronize from us
Error while demoting, re-enabling inbound replication
ERROR(<class 'samba.drs_utils.drsException'>): Error while sending a 
DsReplicaSync for partion 
CN=Schema,CN=Configuration,DC=ad,DC=oak-wood,DC=co,DC=uk - drsException: 
DsReplicaSync failed (2, 'WERR_BADFILE')
   File "/usr/lib/python2.7/dist-packages/samba/netcmd/domain.py", line 
720, in run
     sendDsReplicaSync(drsuapiBind, drsuapi_handle, ntds_guid, 
str(part), drsuapi.DRSUAPI_DRS_WRIT_REP)
   File "/usr/lib/python2.7/dist-packages/samba/drs_utils.py", line 83, 
in sendDsReplicaSync
     raise drsException("DsReplicaSync failed %s" % estr)