[Samba] Issue to Demote old DC
Rowland Penny
rpenny at samba.org
Tue May 23 06:00:44 UTC 2017
On Mon, 22 May 2017 19:37:58 -0300
Marcio Demetrio Bacci via samba <samba at lists.samba.org> wrote:
> Hi,
>
> I'm trying demote my old DC, but the following message appear:
>
> root at dc-old:~# samba-tool domain demote -Uadministrator
> Using dc1.empresa.com.br as partner server for the demotion
> Password for [EMPRESA\administrator]:
> Deactivating inbound replication
> Asking partner server dc1.empresa.com.br to synchronize from us
> Failed to bind - LDAP error 8 LDAP_STRONG_AUTH_REQUIRED -
> <SASL:[GSS-SPNEGO]: Sign or Seal are required.> <>
> Failed to connect to 'ldap://dc1.empresa.com.br' with backend 'ldap':
> (null) Error while demoting, re-enabling inbound replication
> ERROR(ldb): Error while changing account control - None
>
try adding 'ldap server require strong auth = no' to the smb.conf on
the DC you are trying to demote.
Rowland
More information about the samba
mailing list