[Samba] Fw: Re: Made a join with a netbios name, which already existed, now replication errors

thom_schu at gmx.de thom_schu at gmx.de
Tue Aug 1 11:05:43 UTC 2017 

> Get rid of samba3 by demoting it again as you did last time, search
> through sam.ldb for any mention of samba3 and samba4 (you will
> probably have to use '--cross-ncs' with ldbsearch or lbdedit), then
> remove them.
> Now start again with a new DC, but this time, call it anything but
> samba3 or samba4.

Getting worse and worse ....
I demoted samba3 and then also samba5, because samba5 reported successful replication
with samba3, although samba3 was already demoted.

So I thought I can start with working samba1 and samba2.

I made a new clean installation of samba5 beginning with the OS ...
But the join failed with

  Unxpectedly got mismatching RDN values when checking RDN against name of CN=NTDS Settings,CN=ISAMBA3,CN=Servers,CN=Default-First-  Site-Name,CN=Sites,CN=Configuration,DC=domain Failed to convert object CN=NTDS Settings,CN=ISAMBA3,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=domain: WERR_GEN_FAILURE

SAMBA3 again ??!! I thought I deleted everything !! 

A check on samba2 "ldbsearch --cross-ncs ... | egrep -i samba3"

  dn: CN=SAMBA3,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=domain
  cn: SAMBA3
  name: SAMBA3
  dNSHostName: samba3.domain
  distinguishedName: CN=SAMBA3,CN=Servers,CN=Default-First-Site-Name,CN=Sites
  dn: DC=samba3,DC=domain,CN=MicrosoftDNS,DC=DomainDnsZones,DC=domain
  name: samba3
  dc: samba3
  distinguishedName: DC=samba3,DC=domain.de,CN=MicrosoftD

I'm sure I checked already in the morning and didnt find any entries about samba3, except the ones I deleted.
Im already confused and getting nervous not far from panic.
Im thinking about to start a complete new domain controller with a backup from before I started all this, hopefully
my backup works.
Or should I delete now the mentioned entries ? (ldbdel ... CN=SAMBA3,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration)
They seem to be deep inside the DNS database. I really have the feeling, with each step its getting worse.

More information about the samba mailing list