[Samba] Demote/Promote Samba DC
Peter Pollock
peter.pollock at kingschristian.org
Wed Apr 21 16:30:09 UTC 2021
If we use --remove-other-dead-server does that mean the server then has to
be completely rebuilt to add it again?
Therefore there is no demote and re-promote, just delete, remove and start
all over again?
On Wed, Apr 21, 2021 at 12:21 AM Rowland penny via samba <
samba at lists.samba.org> wrote:
> On 21/04/2021 08:06, Andrew Bartlett via samba wrote:
> > On Wed, 2021-04-21 at 08:19 +0200, Stefan Bellon via samba wrote:
> >> Not sure whether this has anything to do with it ... but I demoted
> >> our
> >> old Samba 4.2 server yesterday from the domain as well.
> >>
> >> While "samba-tool domain demote -Uadministrator" worked fine and
> >> reported success, in the DNS there were still ~20 records referring
> >> to
> >> that old DC. I stopped the old Samba 4.2, removed the BIND9 DLZ
> >> integration on that old DC, restarted all BIND instances (also
> >> those on the newer Samba 4.13.5 DCs) ... still, all the records
> >> remained.
> >>
> >> I ended up starting DNS tools on Windows and opened the whole tree,
> >> went through the entries one by one and deleted all that were still
> >> referring to the old DC (except of course the actual A and AAAA
> >> records).
> >>
> >> I think, "domain demote" only takes care of part of the demotion?
> > Pretty much. I wrote an additional mode --remove-other-dead-server
> > which is far more brutal because of this.
> >
> > Andrew Bartlett
> >
>
> So, what you are saying is, do not demote a DC because a lot of its AD
> records will not be removed, turn off the DC and use
> '--remove-other-dead-server' and this will remove them.
>
> Rowland
>
>
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/options/samba
>
More information about the samba
mailing list