[Samba] ERROR: Transfer of 'pdc' role failed: Failed FSMO transfer: WERR_GEN_FAILURE

Matthias Leopold matthias.leopold at meduniwien.ac.at
Fri Jan 22 14:23:36 UTC 2021



Am 22.01.21 um 15:12 schrieb Rowland penny via samba:
> On 22/01/2021 13:50, Matthias Leopold via samba wrote:
>> Hi,
>>
>> I transferred FSMO roles between two DCs for the first time (in the 
>> course of version upgrade from 4.12 to 4.13 including DC demote). I 
>> did it twice (once transferring to 4.13 from 4.12, once between all 
>> 4.13). In both cases I got an error when transferring the PDC role:
>>
>> # samba-tool fsmo transfer --role=pdc
>> ERROR: Transfer of 'pdc' role failed: Failed FSMO transfer: 
>> WERR_GEN_FAILURE
>>
>> The transfer actually seems to succeed (when checking "samba-tool fsmo 
>> show" afterwards). In logs of "losing" DC I see:
>>
>> [2021/01/22 14:30:44.080710,  0] 
>> ../../source4/rpc_server/drsuapi/getncchanges.c:1413(getncchanges_change_master) 
>>
>>   ../../source4/rpc_server/drsuapi/getncchanges.c:1413: FSMO role or 
>> RID manager transfer owner request when not role owner
>>
>> I'm not 100% sure this is from PDC role transfer, could theoretically 
>> also be from other (succeeding) transfers.
>>
>> Samba packages are from Sernet, OS is CentOS 8.
>>
>> Why is this? Do I have to worry?
>>
>> thx
>> Matthias
>>
>>
>>
> What does 'samba-tool fsmo show' list ?
# samba-tool fsmo show
SchemaMasterRole owner: CN=NTDS 
Settings,CN=DC01,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=itsc-test2,DC=meduniwien,DC=ac,DC=at
InfrastructureMasterRole owner: CN=NTDS 
Settings,CN=DC01,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=itsc-test2,DC=meduniwien,DC=ac,DC=at
RidAllocationMasterRole owner: CN=NTDS 
Settings,CN=DC01,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=itsc-test2,DC=meduniwien,DC=ac,DC=at
PdcEmulationMasterRole owner: CN=NTDS 
Settings,CN=DC01,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=itsc-test2,DC=meduniwien,DC=ac,DC=at
DomainNamingMasterRole owner: CN=NTDS 
Settings,CN=DC01,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=itsc-test2,DC=meduniwien,DC=ac,DC=at
DomainDnsZonesMasterRole owner: CN=NTDS 
Settings,CN=DC01,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=itsc-test2,DC=meduniwien,DC=ac,DC=at
ForestDnsZonesMasterRole owner: CN=NTDS 
Settings,CN=DC01,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=itsc-test2,DC=meduniwien,DC=ac,DC=at

> 
> Are the correct FSMO role owners shown ?
I don't know how to determine "correct".
After I do "samba-tool fsmo transfer" for each role, the output of 
'samba-tool fsmo show' changes accordingly. The only thing is that I get 
the mentioned error when transferring the PDC role.


Matthias





More information about the samba mailing list