[Samba] AD woes
Rowland penny
rpenny at samba.org
Thu Apr 22 16:04:12 UTC 2021
On 22/04/2021 16:43, Emmanuel Florac via samba wrote:
> The OLDSERVER has been decommissioned for months, so I don't understand
> why it switched back to using it after last reboot (9 days ago).
> Apparently caching is a bit too eager :)
The problem is (as I found out yesterday), demoting a DC doesn't remove
all its records in AD, this is also what Windows appears to do, but a
demoted Windows DC becomes a domain member. Samba doesn't set a demoted
DC up as a domain member, it would require a lot more work. This has
lead me to think that the best way to demote a DC in a Samba domain is
to add a new DC, then just turn the old DC off and demote it from the
new DC using the '--remove-other-dead-server' switch, this will remove
all the old DC's records.
Rowland
More information about the samba
mailing list