[Samba] NT_STATUS_NO_LOGON_SERVERS after removing a DC and WERR_BADFILE when trying to remove broken DC

Marc Muehlfeld mmuehlfeld at samba.org
Wed Mar 29 16:12:05 UTC 2017


Hello Sven,

Am 29.03.2017 um 16:51 schrieb Sven Schwedas via samba:
> Situation: Trying to upgrade Samba from 4.1 to 4.5 without disruption
> too much by adding new DCs and demoting old ones.
>
> After bringing online the first 4.5 DC, I ran `demote
> --remove-other-dead-server=` on that DC to remove one of the old 4.1 DCs
> (held no FSMO roles). That seemed to run fine (the DC had been offline
> for a few weeks at that point and I didn't want to restore it just for
> demotion.)

This sounds like a very inconvenient way to update.

The --remove-other-dead-server should be used only for desaster 
situations if there is no chance that the DC can demote itself.

That's the way how to update Samba:
https://wiki.samba.org/index.php/Updating_Samba#The_Update_Process



 > So… How the fuck do I recover from this? What's even wrong?

1.) Stop using such words on the lists.
2.) Calm down.
4.) Verify that the clients use a DNS that is able to resolve
     the AD DNS zones.
3.) Check if there are some of the DNS entries of the removed DCs
     left. For example, the ones you created manually when you
     join a Samba DC:
     https://wiki.samba.org/index.php/Verifying_and_Creating_a_DC_DNS_Record
     Some further things to check are listed here:
     https://wiki.samba.org/index.php/Demote_a_Samba_AD_DC
     Verify this at least on the DNS server the clients are using.
5.) Tell us all steps you ran, that lead to this situation.
6.) Show us the full "samba-tool drs showrepl" output.
7.) Is replication working between the remaining DCs?


Regads,
Marc




More information about the samba mailing list