[Samba] Demote/Promote Samba DC
Rowland penny
rpenny at samba.org
Wed Apr 21 07:20:38 UTC 2021
On 21/04/2021 08:06, Andrew Bartlett via samba wrote:
> On Wed, 2021-04-21 at 08:19 +0200, Stefan Bellon via samba wrote:
>> Not sure whether this has anything to do with it ... but I demoted
>> our
>> old Samba 4.2 server yesterday from the domain as well.
>>
>> While "samba-tool domain demote -Uadministrator" worked fine and
>> reported success, in the DNS there were still ~20 records referring
>> to
>> that old DC. I stopped the old Samba 4.2, removed the BIND9 DLZ
>> integration on that old DC, restarted all BIND instances (also
>> those on the newer Samba 4.13.5 DCs) ... still, all the records
>> remained.
>>
>> I ended up starting DNS tools on Windows and opened the whole tree,
>> went through the entries one by one and deleted all that were still
>> referring to the old DC (except of course the actual A and AAAA
>> records).
>>
>> I think, "domain demote" only takes care of part of the demotion?
> Pretty much. I wrote an additional mode --remove-other-dead-server
> which is far more brutal because of this.
>
> Andrew Bartlett
>
So, what you are saying is, do not demote a DC because a lot of its AD
records will not be removed, turn off the DC and use
'--remove-other-dead-server' and this will remove them.
Rowland
More information about the samba
mailing list