[Samba] Demoting troublesome DC
Paul Littlefield
info at paully.co.uk
Fri May 25 14:46:21 UTC 2018
Hello,
I am running in a duplicate test environment of my work domain.
I have 2 x 4.1 DCs and 2 x 4.7 DCs.
I have transferred FSMO role to #3 and it is replicating to #4 fine.
I have demoted #1 which appeared to go fine and have turned it off.
When I try to demote #2 it fails with the error...
Using dc3.domain.com as partner server for the demotion
Password for [DOMAIN\administrator]:
Desactivating inbound replication
Asking partner server dc3.domain.com to synchronize from us
Failed to bind - LDAP error 8 LDAP_STRONG_AUTH_REQUIRED - <SASL:[GSS-SPNEGO]: Sign or Seal are required.> <>
Failed to connect to 'ldap://dc3.domain.com' with backend 'ldap': (null)
Error while demoting, re-enabling inbound replication
ERROR(ldb): Error while changing account control - None
...any ideas?
My first guess is the difference between Gentoo/Samba 4.1 and Ubuntu/4.7
Thanks in advance.
--
Paul Littlefield
More information about the samba
mailing list