[Samba] Error Removing Samba Server from Domain
Marcio Demetrio Bacci
marciobacci at gmail.com
Mon Jul 29 22:52:09 UTC 2019
Hi,
I removed the last server (samba4-dc-old listed below) from the domain, but
information related to that server remained. Is there any way to remove
this registry from Samba 4?
samba-tool drs showrepl
Default-First-Site-Name\SAMBA4-DC
DSA Options: 0x00000001
DSA object GUID: a1ab021c-0ef7-4fd3-a69d-28afc7c1260a
DSA invocationId: a20c8ed0-c72a-4e57-9e59-2236f127d0b8
==== INBOUND NEIGHBORS ====
DC=ForestDnsZones,DC=empresa,DC=com,Dc=br
Default-First-Site-Name\WIN-DC1 via RPC
DSA object GUID: d580939f-a8b9-43ea-84e9-be0f9bd29468
Last attempt @ Mon Jul 29 19:39:15 2019 -03 was successful
0 consecutive failure(s).
Last success @ Mon Jul 29 19:39:15 2019 -03
DC=ForestDnsZones,DC=empresa,DC=com,Dc=br
Default-First-Site-Name\WIN-DC2 via RPC
DSA object GUID: 3b894dae-0497-43ae-b69a-e31750112321
Last attempt @ Mon Jul 29 19:39:15 2019 -03 was successful
0 consecutive failure(s).
Last success @ Mon Jul 29 19:39:15 2019 -03
CN=Configuration,DC=empresa,DC=com,Dc=br
Default-First-Site-Name\WIN-DC1 via RPC
DSA object GUID: d580939f-a8b9-43ea-84e9-be0f9bd29468
Last attempt @ Mon Jul 29 19:39:15 2019 -03 was successful
0 consecutive failure(s).
Last success @ Mon Jul 29 19:39:15 2019 -03
CN=Configuration,DC=empresa,DC=com,Dc=br
Default-First-Site-Name\WIN-DC2 via RPC
DSA object GUID: 3b894dae-0497-43ae-b69a-e31750112321
Last attempt @ Mon Jul 29 19:39:16 2019 -03 was successful
0 consecutive failure(s).
Last success @ Mon Jul 29 19:39:16 2019 -03
DC=DomainDnsZones,DC=empresa,DC=com,Dc=br
Default-First-Site-Name\WIN-DC1 via RPC
DSA object GUID: d580939f-a8b9-43ea-84e9-be0f9bd29468
Last attempt @ Mon Jul 29 19:39:15 2019 -03 was successful
0 consecutive failure(s).
Last success @ Mon Jul 29 19:39:15 2019 -03
DC=DomainDnsZones,DC=empresa,DC=com,Dc=br
Default-First-Site-Name\WIN-DC2 via RPC
DSA object GUID: 3b894dae-0497-43ae-b69a-e31750112321
Last attempt @ Mon Jul 29 19:39:15 2019 -03 was successful
0 consecutive failure(s).
Last success @ Mon Jul 29 19:39:15 2019 -03
CN=Schema,CN=Configuration,DC=empresa,DC=com,Dc=br
Default-First-Site-Name\WIN-DC1 via RPC
DSA object GUID: d580939f-a8b9-43ea-84e9-be0f9bd29468
Last attempt @ Mon Jul 29 19:39:16 2019 -03 was successful
0 consecutive failure(s).
Last success @ Mon Jul 29 19:39:16 2019 -03
CN=Schema,CN=Configuration,DC=empresa,DC=com,Dc=br
Default-First-Site-Name\WIN-DC2 via RPC
DSA object GUID: 3b894dae-0497-43ae-b69a-e31750112321
Last attempt @ Mon Jul 29 19:39:16 2019 -03 was successful
0 consecutive failure(s).
Last success @ Mon Jul 29 19:39:16 2019 -03
DC=empresa,DC=com,Dc=br
Default-First-Site-Name\WIN-DC1 via RPC
DSA object GUID: d580939f-a8b9-43ea-84e9-be0f9bd29468
Last attempt @ Mon Jul 29 19:41:57 2019 -03 was successful
0 consecutive failure(s).
Last success @ Mon Jul 29 19:41:57 2019 -03
DC=empresa,DC=com,Dc=br
Default-First-Site-Name\WIN-DC2 via RPC
DSA object GUID: 3b894dae-0497-43ae-b69a-e31750112321
Last attempt @ Mon Jul 29 19:41:33 2019 -03 was successful
0 consecutive failure(s).
Last success @ Mon Jul 29 19:41:33 2019 -03
==== OUTBOUND NEIGHBORS ====
DC=ForestDnsZones,DC=empresa,DC=com,Dc=br
Default-First-Site-Name\WIN-DC1 via RPC
DSA object GUID: d580939f-a8b9-43ea-84e9-be0f9bd29468
Last attempt @ Mon Jul 29 17:44:05 2019 -03 was successful
0 consecutive failure(s).
Last success @ Mon Jul 29 17:44:05 2019 -03
DC=ForestDnsZones,DC=empresa,DC=com,Dc=br
Default-First-Site-Name\WIN-DC2 via RPC
DSA object GUID: 3b894dae-0497-43ae-b69a-e31750112321
Last attempt @ Mon Jul 29 17:44:06 2019 -03 was successful
0 consecutive failure(s).
Last success @ Mon Jul 29 17:44:06 2019 -03
CN=Configuration,DC=empresa,DC=com,Dc=br
Default-First-Site-Name\WIN-DC1 via RPC
DSA object GUID: d580939f-a8b9-43ea-84e9-be0f9bd29468
Last attempt @ Mon Jul 29 17:45:10 2019 -03 was successful
0 consecutive failure(s).
Last success @ Mon Jul 29 17:45:10 2019 -03
CN=Configuration,DC=empresa,DC=com,Dc=br
Default-First-Site-Name\WIN-DC2 via RPC
DSA object GUID: 3b894dae-0497-43ae-b69a-e31750112321
Last attempt @ Mon Jul 29 17:45:10 2019 -03 was successful
0 consecutive failure(s).
Last success @ Mon Jul 29 17:45:10 2019 -03
DC=DomainDnsZones,DC=empresa,DC=com,Dc=br
Default-First-Site-Name\WIN-DC1 via RPC
DSA object GUID: d580939f-a8b9-43ea-84e9-be0f9bd29468
Last attempt @ Mon Jul 29 17:44:06 2019 -03 was successful
0 consecutive failure(s).
Last success @ Mon Jul 29 17:44:06 2019 -03
DC=DomainDnsZones,DC=empresa,DC=com,Dc=br
Default-First-Site-Name\WIN-DC2 via RPC
DSA object GUID: 3b894dae-0497-43ae-b69a-e31750112321
Last attempt @ Mon Jul 29 17:44:06 2019 -03 was successful
0 consecutive failure(s).
Last success @ Mon Jul 29 17:44:06 2019 -03
CN=Schema,CN=Configuration,DC=empresa,DC=com,Dc=br
Default-First-Site-Name\WIN-DC1 via RPC
DSA object GUID: d580939f-a8b9-43ea-84e9-be0f9bd29468
Last attempt @ Mon Jul 29 17:44:06 2019 -03 was successful
0 consecutive failure(s).
Last success @ Mon Jul 29 17:44:06 2019 -03
CN=Schema,CN=Configuration,DC=empresa,DC=com,Dc=br
Default-First-Site-Name\WIN-DC2 via RPC
DSA object GUID: 3b894dae-0497-43ae-b69a-e31750112321
Last attempt @ Mon Jul 29 17:44:06 2019 -03 was successful
0 consecutive failure(s).
Last success @ Mon Jul 29 17:44:06 2019 -03
DC=empresa,DC=com,Dc=br
Default-First-Site-Name\WIN-DC1 via RPC
DSA object GUID: d580939f-a8b9-43ea-84e9-be0f9bd29468
Last attempt @ Mon Jul 29 18:04:02 2019 -03 was successful
0 consecutive failure(s).
Last success @ Mon Jul 29 18:04:02 2019 -03
DC=empresa,DC=com,Dc=br
Default-First-Site-Name\WIN-DC2 via RPC
DSA object GUID: 3b894dae-0497-43ae-b69a-e31750112321
Last attempt @ Mon Jul 29 17:55:11 2019 -03 was successful
0 consecutive failure(s).
Last success @ Mon Jul 29 17:55:11 2019 -03
==== KCC CONNECTION OBJECTS ====
Connection --
Connection name: c6393fbd-461c-4fd7-ac62-4801a3de43d2
Enabled : TRUE
Server DNS name : win-dc1.empresa.com.br
Server DN name : CN=NTDS
Settings,CN=WIN-DC1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=empresa,DC=com,Dc=br
TransportType: RPC
options: 0x00000001
Warning: No NC replicated for Connection!
Connection --
Connection name: e5cef3eb-3c8a-4a75-8907-6712af32c952
Enabled : TRUE
Server DNS name : win-dc2.empresa.com.br
Server DN name : CN=NTDS
Settings,CN=WIN-DC2,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=empresa,DC=com,Dc=br
TransportType: RPC
options: 0x00000001
Warning: No NC replicated for Connection!
Connection --
Connection name: b99eba05-b49c-461f-8814-eb20d44e6f96
Enabled : TRUE
Server DNS name : *samba4-dc-old.empresa.com.br
<http://samba4-dc-old.empresa.com.br>*
Server DN name : CN=NTDS
Settings\0ADEL:e2a375da-4a96-4ffb-930a-c158747a19fb,CN=SAMBA4-DC-OLD,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=empresa,DC=com,Dc=br
TransportType: RPC
options: 0x00000001
Warning: No NC replicated for Connection!
Regards,
Márcio Bacci
Em seg, 29 de jul de 2019 às 19:15, Tim Beale <timbeale at catalyst.net.nz>
escreveu:
> I think this relates to the previous problem you posted about
> replication not working (which is probably due to the
> WERR_DS_DRA_SCHEMA_MISMATCH error you're hitting).
>
> I think the demote command is trying to replicate out to another DC one
> last time, so that you don't lose any local modifications to the local
> DC's database. This is failing.
>
> Try using the --remove-other-dead-server option instead, e.g.
>
> samba-tool domain demote -UAdministrator
> --remove-other-dead-server=<your-samba-dc>
>
> On 30/07/19 8:53 AM, Marcio Demetrio Bacci via samba wrote:
> > Hi,
> >
> > I need to remove my Samba 4 server from the domain and the following
> error
> > is happening:
> >
> > samba-tool domain demote -Uadministrator
> > Using WIN-DC1.empresa.com.br as partner server for the demotion
> > Password for [EMPRESA\capbacci]:
> > Deactivating inbound replication
> > Asking partner server WIN-DC1.empresa.com.br to synchronize from us
> > Error while replicating out last local changes from
> > 'DC=empresa,DC=com,DC=br' for demotion, re-enabling inbound replication
> > ERROR(<class 'samba.WERRORError'>): Error while sending a DsReplicaSync
> for
> > partition 'DC=empresa,DC=com,DC=br' - (8418,
> 'WERR_DS_DRA_SCHEMA_MISMATCH')
> > File "/usr/lib/python2.7/dist-packages/samba/netcmd/domain.py", line
> 787,
> > in run
> > drsuapiBind.DsReplicaSync(drsuapi_handle, 1, req1)
> >
> > I had placed in the domain without problems last week.
> >
> > Can anybody help me?
> >
> > Regards,
> >
> > Márcio Bacci
>
More information about the samba
mailing list