[Samba] messy replication
Rowland penny
rpenny at samba.org
Thu Jul 18 10:42:26 UTC 2019
On 18/07/2019 11:18, Adam Weremczuk via samba wrote:
> Hi Rownland,
>
> The file is is pretty big for our company size - 124k lines when edited.
> I've spend about an hour carefully removing, editing and skipping
> entries referencing old dc1.
> Unfortunately upon saving all my changes were discarded without a
> warning...
>
> root at dc2 /# ldbedit -e vim -H /var/lib/samba/private/sam.ldb --cross-ncs
> Processing section "[netlogon]"
> Processing section "[sysvol]"
> pm_process() returned Yes
> GENSEC backend 'gssapi_spnego' registered
> GENSEC backend 'gssapi_krb5' registered
> GENSEC backend 'gssapi_krb5_sasl' registered
> GENSEC backend 'spnego' registered
> GENSEC backend 'schannel' registered
> GENSEC backend 'naclrpc_as_system' registered
> GENSEC backend 'sasl-EXTERNAL' registered
> GENSEC backend 'ntlmssp' registered
> GENSEC backend 'ntlmssp_resume_ccache' registered
> GENSEC backend 'http_basic' registered
> GENSEC backend 'http_ntlm' registered
> GENSEC backend 'krb5' registered
> GENSEC backend 'fake_gssapi_krb5' registered
> failed to add CN=dns-dc2,CN=Users,DC=example,DC=co,DC=uk -
> objectclass: 'isCriticalSystemObject' must not be specified!
>
> Would it be ok to leave this record as dns-dc1?
> Or maybe I should do something else?
>
Well, 'dns-dc2' is the user for Bind9 on dc2, so you shouldn't try to
create it yourself.
Easiest way will be to remove all mention of the dead DC, then use
'samba_upgradedns' to upgrade to the internal dns server, then run it
again to upgrade to Bind9 again, this will create the required user for you.
Rowland
More information about the samba
mailing list