[Samba] Magically disappearing errors during FSMO transfer
Mike Ray
mray at xes-inc.com
Thu Oct 5 20:32:38 UTC 2017
----- On Oct 5, 2017, at 2:55 PM, samba samba at lists.samba.org wrote:
> The problem is that you need to Authenticate to transfer the domaindns
> and forestdns FSMO roles, this means you also need to authenticate if
> you transfer 'all' the FSMO roles.
>
> If 'samba-tool fsmo show is now displaying the correct owners and
> everything is working correctly, you are probably going to be okay.
>
> I will look into refusing to do anything if 'all' or 'domaindns' or
> 'forestdns' roles are selected without using authentication.
>
> Rowland
Sorry about the message, I did not split it well. I've included some of the last
lines below in a more readable format:
> root at dc3:~# samba-tool fsmo transfer --role forestdns -UAdministrator
> Password for [Example\Administrator]:
> ERROR: Failed to delete role> 'forestdns': LDAP error 16 LDAP_NO_SUCH_ATTRIBUTE - <attribute> 'fSMORoleOwner': no matching attribute value while deleting attribute on 'CN=Infrastructure,DC=ForestDnsZones,DC=example,DC=com'> <>
> root at dc3:~# samba-tool fsmo transfer --role forestdns> -UAdministrator
> This DC already has the 'forestdns' FSMO role
I did do some authenticating, but still saw some errors. Any explanation for
this?
Also, do you have any insight into the "Failed FSMO transfer:
NT_STATUS_IO_TIMEOUT" errors?
These popped up on like the "pdc" role, so authentication shouldn't have been an
issue here.
More information about the samba
mailing list