[Samba] NT_STATUS_NO_LOGON_SERVERS after removing a DC and WERR_BADFILE when trying to remove broken DC
Sven Schwedas
sven.schwedas at tao.at
Wed Mar 29 14:51:49 UTC 2017
Situation: Trying to upgrade Samba from 4.1 to 4.5 without disruption
too much by adding new DCs and demoting old ones.
After bringing online the first 4.5 DC, I ran `demote
--remove-other-dead-server=` on that DC to remove one of the old 4.1 DCs
(held no FSMO roles). That seemed to run fine (the DC had been offline
for a few weeks at that point and I didn't want to restore it just for
demotion.)
At that point, some (but not all) of our file servers started throwing
NT_STATUS_NO_LOGON_SERVERS (smbd) and
NT_STATUS_DOMAIN_CONTROLLER_NOT_FOUND (winbind -P). Windows' RSAT tools
also completely fail to connect to the domain.
Some of the old DCs started throwing "Failed to bind to uuid
e3514235-4b06-11d1-ab04-00c04fc2dcd2 for
e3514235-4b06-11d1-ab04-00c04fc2dcd2 at ncacn_ip_tcp:7e4973ba-4093-4523-a70f-7caa4845e34d._msdcs.ad.tao.at[1024,seal,krb5]
NT_STATUS_UNSUCCESSFUL" errors
Attempts to remove the new ADDC fail with "(2, 'WERR_BADFILE')".
So… How the fuck do I recover from this? What's even wrong?
--
Mit freundlichen Grüßen, / Best Regards,
Sven Schwedas, Systemadministrator
Mail/XMPP sven.schwedas at tao.at | Skype sven.schwedas
TAO Digital | Lendplatz 45 | A8020 Graz
https://www.tao-digital.at | Tel +43 680 301 7167
https://pave.software – PAVE Password Manager
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 659 bytes
Desc: OpenPGP digital signature
URL: <http://lists.samba.org/pipermail/samba/attachments/20170329/d3fb504d/signature.sig>
More information about the samba
mailing list