[Samba] Failed Xfer of domain and forest fsmo
Robert A Wooldridge
bob.wooldridge at edm-inc.com
Fri Jul 19 20:14:42 UTC 2019
On 07/19/2019 03:08 PM, Rowland penny via samba wrote:
> On 19/07/2019 20:41, Robert A Wooldridge via samba wrote:
>> I have transferred all fsmo's except domain and forest. When I
>> attempt either one of these I get this error:
>> samba-tool fsmo transfer --role=forestdns
>> ERROR: Failed to delete role 'forestdns': LDAP error 50
>> LDAP_INSUFFICIENT_ACCESS_RIGHTS - <00002098: SecErr: DSID-03151D80,
>> problem 4003 (INSUFF_ACCESS_RIGHTS), data 0
>> > <>
>> Any ideas on how to overcome this?
> If you run: samba-tool fsmo transfer --help
> Amongst the output is this:
> --role=ROLE The FSMO role to seize or transfer.
The role I specified is forestdns.
> above You must provide an Admin user
> and password.
After I provided the user and password, it failed but when I queried for
role assignments it says the forestdns is unassigned. So I did a seize
and this worked. Do I have to shutdown the DC that was the primary before?
More information about the samba