[Samba] Error Demoting DC Windows from Domain

Marcio Demetrio Bacci marciobacci at gmail.com
Tue Aug 20 15:06:21 UTC 2019 

Hi,

I left the server off for 5 days.

The Samba 4 DC Servers are apparently working fine.

Now, I am unable to demote Windows Server 2008 Server through the DCPROMO
tool.

The following message appears:

"



*The operation failed because:Active Directory Domain Services could not
find another Active Directory Domain Controller to transfer the remaining
data to the directory partition DC = DomainDnsZones, DC = empesa, DC = com,
DC = br.The specified domain either does not exist or could not be
contacted.*"

The Replication between servers (Samba 4 and Windows) is OK.

Is it advisable for me to remove Windows DC manually?

Regards,

Márcio Bacci

Em sex, 16 de ago de 2019 às 13:42, Marcio Demetrio Bacci <
marciobacci at gmail.com> escreveu:

> Hi
>
> OK. I have already turn off my Windows DC.
>
> I will wait 3 days before demote my Windows Server DC.
>
> Thanks,
>
> Regards,
>
> Márcio Bacci
>
> Em sex, 16 de ago de 2019 às 13:26, Rowland penny via samba <
> samba at lists.samba.org> escreveu:
>
>> On 16/08/2019 17:16, Marcio Demetrio Bacci via samba wrote:
>> > Hi,
>> >
>> >> If your replication is good and all is verified, you can turn off the
>> > windows DC.
>> >> I suggest, leave everyting as is. Wait 3-5 days.
>> > Replication between Samba 4 DC are OK.
>> >
>> > However, sometimes problems arise between Windows Server 2008 and Samba
>> 4
>> > records, usually related to attributes of 2 or 3 specific computers.
>> >
>> > I edit the Samba registry with ldbedit and everything is OK. After a
>> while
>> > the problem recurs again. This way, I want to remove Windows Server
>> 2008 DC
>> > from the domain.
>> >
>> > When I have transferred the roles ForestDNSZones and DomainDNSZones I
>> had
>> > to use samba-tool fsmo seize, the others 5 roles I have transferred with
>> > samba-tool fsmo transfer without problems.
>> >
>> > My Samba 4 DC has been owner fsmo roles for 3 weeks.
>> >
>> >> Verify you logs.
>> >   I have noticed DNS dynamic updates issues.
>> >
>> > I believe it's because my Windows Server 2008 DC servers were not Domain
>> > Authoritative DNS, so I had to integrate them with Active Directory
>> > manually.
>> >
>> >
>> I suggest you follow Louis's advice, turn off the Windows DC and wait,
>> if you get errors, you can turn the Windows DC back on, but I don't
>> think you will have to and I don't think you will have to wait long
>> before you have to. You will either get errors quickly or none at all.
>>
>> Rowland
>>
>>
>>
>> --
>> To unsubscribe from this list go to the following URL and read the
>> instructions:  https://lists.samba.org/mailman/options/samba
>>
>

More information about the samba mailing list