[Samba] Problem with demoting, new dc and replic

Rowland Penny rpenny at samba.org
Thu May 17 18:21:24 UTC 2018 

On Thu, 17 May 2018 13:11:36 -0400
lingpanda101 via samba <samba at lists.samba.org> wrote:

> On 5/17/2018 12:45 PM, Carlos Bordon via samba wrote:
> > Hi!
> >
> > i have 3 dcs with samba
> >
> >
> > i demote bdc and replace it with dc2 with de same ip
> >
> > the replicate with dc1 is ok, and the replicate of dc3 with dc1 is
> > ok,
> >
> > the problem is in dc2 with dc3
> >
> > i found the problem, but i dont known how fixes
> >
> > when i do samba-tools drs showrepl in dc3
> >
> > i see in connection appears the old dc named bdc and dont appears
> > the new, dc2
> >
> > i try with samba-tool drs replicate but nothing change
> >
> > any idea?
> >
> > thanks for exist!
> 
> It sounds like after demote Samba was not able to remove some
> lingering objects.
> 
> You should remove any entries with the name bdc in your DNS. Look in 
> your domain zone as well as _msdcs.cimg.local. Search all sub folders 
> (ie., _sites,_tcp ect.)I find its easier to use Microsoft DNS manager 
> for this.
> 
> Confirm in Active Directory Users and Computers that the DC bdc is 
> deleted from the 'Domain Controllers' OU.
> 
> Finally open Active Directory Sites and Services and expand 
> 'Default-First-Site-Name'. Delete the bdc server if it exists. Expand 
> dc1 and dc3 and remove any 'automatically generated' site links 
> referencing bdc if they exist.  Use cation and double check before 
> deleting that it's bdc you are deleting.
> 
> Finally let the other DC's replicate the changes you made for a few 
> minutes. It should be relatively instant but just to be sure wait.
> Then run '/samba/sbin/samba_dnsupdate' on dc2.
> 
> 
> -James

Apart from the possible 'bdc' records in AD, I don't think you have a
replication problem. I say possible 'bdc' records, because they could
be tombstones and you cannot easily delete them.

Coming back to the replication, from what you have posted, you have this
topology:

         Matriz site        Filail site
            DC1 --------------- DC3
             |
             |
            DC2  

You don't actually want replication between DC2 & DC3, this would
mean using the WAN link. DC2 would replicate to DC1 (and
visa versa), DC1 would replicate to DC3 (and visa versa again).

Rowland

More information about the samba mailing list