[Samba] Samba4 LDAP Error

Marcio Demetrio Bacci marciobacci at gmail.com
Wed May 24 14:40:48 UTC 2017


Hi,

I want to demote my DC (old) with Samba 4.2.1, but the following message
appears:

root@dc-old:~# samba-tool domain demote -Uadministrator
Using dc1.empresa.com.br as partner server for the demotion
Password for [EMPRESA\administrator]:
Deactivating inbound replication
Asking partner server dc1.empresa.com.br to synchronize from us
Failed to bind - LDAP error 8 LDAP_STRONG_AUTH_REQUIRED - <SASL:[GSS-SPNEGO]: Sign or Seal are required.> <>
Failed to connect to 'ldap://dc1.empresa.com.br' with backend 'ldap': (null)
Error while demoting, re-enabling inbound replication
ERROR(ldb): Error while changing account control - None

Then I tried to use the parameter "ldap server require strong auth" in
my smb.conf as follows:

# Global parameters
[global]
        workgroup = EMPRESA
        realm = EMPRESA.COM.BR
        netbios name = DC3
        server role = active directory domain controller
        dns forwarder = 192.168.0.36
        idmap_ldb:use rfc2307 = yes
        ldap server require strong auth = no
[netlogon]
        path = /opt/samba/var/locks/sysvol/empresa.com.br/scripts
        read only = No

[sysvol]
        path = /opt/samba/var/locks/sysvol
        read only = No
        acl_xattr:ignore system acls = yes



When I reboot Samba4, the message below appears:

[ ok ] Stopping Samba 4 daemon: samba.
[....] Starting Samba 4 daemon: sambaUnknown parameter encountered: "ldap
server require strong auth"
Ignoring unknown parameter "ldap server require strong auth"


My new DC is Samba 4.6.3
My Old DC is Samba 4.2.1


Can anybody help me?

