[Samba] Remove stale DRS replication partner

lingpanda101 lingpanda101 at gmail.com
Tue Jun 27 12:57:47 UTC 2017 

On 6/26/2017 4:35 PM, Johannes Engel wrote:
> Hi James,
>
> thanks a lot for your hint. However, I seem to be unable to find it 
> there. Can you please be a little more specific?
> I tried to check the replication topology, but no success.
> Thanks a lot!
>
> Best regards
> Johannes
>
> lingpanda101 via samba <samba at lists.samba.org 
> <mailto:samba at lists.samba.org>> schrieb am Mo., 26. Juni 2017 um 
> 20:52 Uhr:
>
>     On 6/26/2017 2:43 PM, Johannes Engel via samba wrote:
>     > Dear list,
>     >
>     > After (almost) successfully removing a dead DC from my domain I
>     am left
>     > with only one visible symptom:
>     > samba-tool drs showrepl shows two stale outbound link for one of the
>     > remaining 2 DCs:
>     > DC=DomainDnsZones,DC=subdom,DC=mydom,DC=com
>     >          NTDS DN: CN=NTDS
>     >
>     Settings\0ADEL:09210f3d-dab9-4a69-92ca-b11e93845367,CN=DC3\0ADEL:591e8395-a414-4bca-99a0-8cb195417493,CN=Servers,CN=Location,CN=Sites,CN=Configuration,DC=subdom,DC=mydom,DC=com
>     >                  DSA object GUID:
>     09210f3d-dab9-4a69-92ca-b11e93845367
>     >                  Last attempt @ Mon Jun 26 17:26:27 2017 CEST
>     failed, result
>     > 2 (WERR_FILE_NOT_FOUND)
>     >                  2001797 consecutive failure(s).
>     >                  Last success @ Sat Jan  7 15:22:31 2017 CET
>     >
>     > I tried already the samba-tool emergency way using
>     > DC2# samba-tool domain demote
>     > --remove-other-dead-server=09210f3d-dab9-4a69-92ca-b11e93845367
>     > ERROR: Demote failed: DemoteException:
>     09210f3d-dab9-4a69-92ca-b11e93845367
>     > is not an AD DC in subdom.mydom.com <http://subdom.mydom.com>
>     >
>     > Same using the server's name instead of the GUID.
>     > How can I remove this connection from the replication?
>     >
>     > Any help appreciated.
>     >
>     > Best regards
>     > Johannes
>
>     You can remove the orphaned NTDS connection using Windows Sites and
>     Services application.
>
>     --
>     --
>     James
>
>
>     --
>     To unsubscribe from this list go to the following URL and read the
>     instructions: https://lists.samba.org/mailman/options/samba
>
     I'll try, but I'm not sure if you have more then one site. Open 
Sites & Services. One the the left you may only see 
'Default-First-Site-Name'. Click the arrow to expand 
'Default-First-Site-Name'. Next click the arrow to expand 'Servers'.  
You should see one or more servers. Click the arrow next the the DC that 
continues to display the demoted NTDS settings when running 'showrepl'. 
You should now see 'NTDS Settings' under the DC. You can now right click 
and delete any 'automatically generated' site link not needed on the 
right pane or altogether delete the 'NTDS settings' under the DC you 
expanded.

If you see the actual DC you demoted when expanding 
'Default-First-Site-Name', go ahead and delete it as well. Use caution 
when deleting a DC. Make sure it's the one no longer part of your 
domain. If in doubt on any of these steps, ask on the list.

-- 
--
James

More information about the samba mailing list