[Samba] NT_STATUS_NO_LOGON_SERVERS after removing a DC and WERR_BADFILE when trying to remove broken DC

Sven Schwedas sven.schwedas at tao.at
Wed Mar 29 14:51:49 UTC 2017

Situation: Trying to upgrade Samba from 4.1 to 4.5 without disruption
too much by adding new DCs and demoting old ones.

After bringing online the first 4.5 DC, I ran `demote
--remove-other-dead-server=` on that DC to remove one of the old 4.1 DCs
(held no FSMO roles). That seemed to run fine (the DC had been offline
for a few weeks at that point and I didn't want to restore it just for

At that point, some (but not all) of our file servers started throwing
also completely fail to connect to the domain.

Some of the old DCs started throwing "Failed to bind to uuid
e3514235-4b06-11d1-ab04-00c04fc2dcd2 for
e3514235-4b06-11d1-ab04-00c04fc2dcd2 at ncacn_ip_tcp:7e4973ba-4093-4523-a70f-7caa4845e34d._msdcs.ad.tao.at[1024,seal,krb5]

Attempts to remove the new ADDC fail with "(2, 'WERR_BADFILE')".

So… How the fuck do I recover from this? What's even wrong?

Mit freundlichen Grüßen, / Best Regards,
Sven Schwedas, Systemadministrator
Mail/XMPP sven.schwedas at tao.at | Skype sven.schwedas
TAO Digital | Lendplatz 45 | A8020 Graz
https://www.tao-digital.at | Tel +43 680 301 7167
https://pave.software – PAVE Password Manager

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 659 bytes
Desc: OpenPGP digital signature
URL: <http://lists.samba.org/pipermail/samba/attachments/20170329/d3fb504d/signature.sig>

More information about the samba mailing list