[Samba] problem with samba-tool fsmo transfer

Guido Lorenzutti guido at lorenzutti.com.ar
Tue Jul 25 14:45:23 UTC 2017 

  

Hi people! 

Im trying to demote a Windows2003 AD to samba4. 

I
sucessfully joined the samba4 to the ad, and when I try to transfer the
FSMO to the samba4, to demote the Win2K3 I get the following error:


root at dc:/var/log/samba# samba-tool fsmo transfer --role=all
FSMO
transfer of 'rid' role successful
FSMO transfer of 'pdc' role
successful
FSMO transfer of 'naming' role successful
FSMO transfer of
'infrastructure' role successful
FSMO transfer of 'schema' role
successful
ERROR: Failed to delete role 'domaindns': LDAP error 50
LDAP_INSUFFICIENT_ACCESS _RIGHTS -  

I try using credentials, different
error, but still dosent work.

root at dc:/var/log/samba# samba-tool fsmo
transfer --role=all -U administrador
This DC already has the 'rid' FSMO
role
This DC already has the 'pdc' FSMO role
This DC already has the
'naming' FSMO role
This DC already has the 'infrastructure' FSMO
role
This DC already has the 'schema' FSMO role
Password for
[TRUSTadministrador]:
ERROR: Failed to add role 'domaindns': LDAP error
53 LDAP_UNWILLING_TO_PERFORM -  

root at dc:/var/log/samba# samba-tool
fsmo show
SchemaMasterRole owner: CN=NTDS
Settings,CN=DC,CN=Servers,CN=Nombre-predeterminado-prim
er-sitio,CN=Sites,CN=Configuration,DC=Trust,DC=local
InfrastructureMasterRole
owner: CN=NTDS Settings,CN=DC,CN=Servers,CN=Nombre-predetermin
ado-primer-sitio,CN=Sites,CN=Configuration,DC=Trust,DC=local
RidAllocationMasterRole
owner: CN=NTDS Settings,CN=DC,CN=Servers,CN=Nombre-predetermina
do-primer-sitio,CN=Sites,CN=Configuration,DC=Trust,DC=local
PdcEmulationMasterRole
owner: CN=NTDS Settings,CN=DC,CN=Servers,CN=Nombre-predeterminad
o-primer-sitio,CN=Sites,CN=Configuration,DC=Trust,DC=local
DomainNamingMasterRole
owner: CN=NTDS Settings,CN=DC,CN=Servers,CN=Nombre-predeterminad
o-primer-sitio,CN=Sites,CN=Configuration,DC=Trust,DC=local
DomainDnsZonesMasterRole
owner: CN=NTDS Settings,CN=SERVERIBM,CN=Servers,CN=Nombre-pred
eterminado-primer-sitio,CN=Sites,CN=Configuration,DC=Trust,DC=local
ForestDnsZonesMasterRole
owner: CN=NTDS Settings,CN=SERVERIBM,CN=Servers,CN=Nombre-pred
eterminado-primer-sitio,CN=Sites,CN=Configuration,DC=Trust,DC=local

Did
I skip something?

Tnxs in advance.

More information about the samba mailing list