[Samba] Error Demoting DC Windows from Domain

Marcio Demetrio Bacci marciobacci at gmail.com
Fri Aug 16 16:16:11 UTC 2019


Hi,

>If your replication is good and all is verified, you can turn off the
windows DC.
>I suggest, leave everyting as is. Wait 3-5 days.

Replication between Samba 4 DC are OK.

However, sometimes problems arise between Windows Server 2008 and Samba 4
records, usually related to attributes of 2 or 3 specific computers.

I edit the Samba registry with ldbedit and everything is OK. After a while
the problem recurs again. This way, I want to remove Windows Server 2008 DC
from the domain.

When I have transferred the roles ForestDNSZones and DomainDNSZones I had
to use samba-tool fsmo seize, the others 5 roles I have transferred with
samba-tool fsmo transfer without problems.

My Samba 4 DC has been owner fsmo roles for 3 weeks.

> Verify you logs.

 I have noticed DNS dynamic updates issues.

I believe it's because my Windows Server 2008 DC servers were not Domain
Authoritative DNS, so I had to integrate them with Active Directory
manually.

Regards,

Márcio Bacci

Em sex, 16 de ago de 2019 às 12:08, L.P.H. van Belle via samba <
samba at lists.samba.org> escreveu:

> If your replication is good and all is verified, you can turn off the
> windows DC.
> I suggest, leave everyting as is. Wait 3-5 days.
> Verify you logs.
>
> Meanwhile, read
> https://wiki.samba.org/index.php/Demoting_a_Samba_AD_DC
> Then when you 100% sure, you can remove it.
>
> Greetz,
>
> Louis
>
>
> > -----Oorspronkelijk bericht-----
> > Van: samba [mailto:samba-bounces at lists.samba.org] Namens
> > Marcio Demetrio Bacci via samba
> > Verzonden: vrijdag 16 augustus 2019 17:02
> > Aan: sambalist
> > Onderwerp: [Samba] Error Demoting DC Windows from Domain
> >
> > Hi,
> >
> > I have jointed 2 Samba 4 servers in my domain and transferred
> > FSMO roles to
> > the primary Samba 4 server.
> >
> > I have verified that the Samba 4 servers are OK, but I am
> > having trouble
> > removing the latest DC Windows Server 2008.
> >
> > It reports that there is no other DC to transfer data from
> > the directory DC
> > = DomainDNSZones, DC = Enterprise, DC = com, DC = br
> >
> > However the functions are all on my DC Samba 4 Primary
> >
> > root at samba4-dc1:~# samba-tool fsmo show
> > SchemaMasterRole owner: CN=NTDS
> > Settings,CN=SAMBA4-DC1,CN=Servers,CN=Default-First-Site-Name,C
> > N=Sites,CN=Configuration,DC=empresa,DC=com,DC=brDC=br
> > InfrastructureMasterRole owner: CN=NTDS
> > Settings,CN=SAMBA4-DC1,CN=Servers,CN=Default-First-Site-Name,C
> > N=Sites,CN=Configuration,DC=empresa,DC=com,DC=brDC=br
> > RidAllocationMasterRole owner: CN=NTDS
> > Settings,CN=SAMBA4-DC1,CN=Servers,CN=Default-First-Site-Name,C
> > N=Sites,CN=Configuration,DC=empresa,DC=com,DC=brDC=br
> > PdcEmulationMasterRole owner: CN=NTDS
> > Settings,CN=SAMBA4-DC1,CN=Servers,CN=Default-First-Site-Name,C
> > N=Sites,CN=Configuration,DC=empresa,DC=com,DC=brDC=br
> > DomainNamingMasterRole owner: CN=NTDS
> > Settings,CN=SAMBA4-DC1,CN=Servers,CN=Default-First-Site-Name,C
> > N=Sites,CN=Configuration,DC=empresa,DC=com,DC=brDC=br
> > DomainDnsZonesMasterRole owner: CN=NTDS
> > Settings,CN=SAMBA4-DC1,CN=Servers,CN=Default-First-Site-Name,C
> > N=Sites,CN=Configuration,DC=empresa,DC=com,DC=brDC=br
> > ForestDnsZonesMasterRole owner: CN=NTDS
> > Settings,CN=SAMBA4-DC1,CN=Servers,CN=Default-First-Site-Name,C
> > N=Sites,CN=Configuration,DC=empresa,DC=com,DC=brDC=br
> >
> > Can I delete the Windows Server server anyway?
> >
> > Regards,
> >
> > Márcio Bacci
> > --
> > To unsubscribe from this list go to the following URL and read the
> > instructions:  https://lists.samba.org/mailman/options/samba
> >
> >
>
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba
>


More information about the samba mailing list