[Samba] ERROR: Transfer of 'pdc' role failed: Failed FSMO transfer: WERR_GEN_FAILURE
Matthias Leopold
matthias.leopold at meduniwien.ac.at
Fri Jan 22 14:23:36 UTC 2021
Am 22.01.21 um 15:12 schrieb Rowland penny via samba:
> On 22/01/2021 13:50, Matthias Leopold via samba wrote:
>> Hi,
>>
>> I transferred FSMO roles between two DCs for the first time (in the
>> course of version upgrade from 4.12 to 4.13 including DC demote). I
>> did it twice (once transferring to 4.13 from 4.12, once between all
>> 4.13). In both cases I got an error when transferring the PDC role:
>>
>> # samba-tool fsmo transfer --role=pdc
>> ERROR: Transfer of 'pdc' role failed: Failed FSMO transfer:
>> WERR_GEN_FAILURE
>>
>> The transfer actually seems to succeed (when checking "samba-tool fsmo
>> show" afterwards). In logs of "losing" DC I see:
>>
>> [2021/01/22 14:30:44.080710, 0]
>> ../../source4/rpc_server/drsuapi/getncchanges.c:1413(getncchanges_change_master)
>>
>> ../../source4/rpc_server/drsuapi/getncchanges.c:1413: FSMO role or
>> RID manager transfer owner request when not role owner
>>
>> I'm not 100% sure this is from PDC role transfer, could theoretically
>> also be from other (succeeding) transfers.
>>
>> Samba packages are from Sernet, OS is CentOS 8.
>>
>> Why is this? Do I have to worry?
>>
>> thx
>> Matthias
>>
>>
>>
> What does 'samba-tool fsmo show' list ?
# samba-tool fsmo show
SchemaMasterRole owner: CN=NTDS
Settings,CN=DC01,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=itsc-test2,DC=meduniwien,DC=ac,DC=at
InfrastructureMasterRole owner: CN=NTDS
Settings,CN=DC01,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=itsc-test2,DC=meduniwien,DC=ac,DC=at
RidAllocationMasterRole owner: CN=NTDS
Settings,CN=DC01,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=itsc-test2,DC=meduniwien,DC=ac,DC=at
PdcEmulationMasterRole owner: CN=NTDS
Settings,CN=DC01,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=itsc-test2,DC=meduniwien,DC=ac,DC=at
DomainNamingMasterRole owner: CN=NTDS
Settings,CN=DC01,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=itsc-test2,DC=meduniwien,DC=ac,DC=at
DomainDnsZonesMasterRole owner: CN=NTDS
Settings,CN=DC01,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=itsc-test2,DC=meduniwien,DC=ac,DC=at
ForestDnsZonesMasterRole owner: CN=NTDS
Settings,CN=DC01,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=itsc-test2,DC=meduniwien,DC=ac,DC=at
>
> Are the correct FSMO role owners shown ?
I don't know how to determine "correct".
After I do "samba-tool fsmo transfer" for each role, the output of
'samba-tool fsmo show' changes accordingly. The only thing is that I get
the mentioned error when transferring the PDC role.
Matthias
More information about the samba
mailing list