[Samba] Issues with demoting a DC (contd): drs kcc doesn't help?

Michael Tokarev mjt at tls.msk.ru
Mon Jan 9 09:22:06 UTC 2023


After force-demoting a DC yesterday, I've had one more issue with the 3rd DC
in our forest.

Before the demotion, there were 3 DCs, say, a0, a1 and b (a* were on
site A and b was on site B).  I force-demoted a0 from a1.

And after that, replication on b wasn't working.  samba-tool drs showrepl
on b did show a list of *inbound* connections from a0 (which does not exist
anymore), with a lot of errors with status WERR_FILE_NOT_FOUND.
Outbound connections all listed a1, but inbound only listed a0 (which
doesn't exist anymore).

On a1, on the other hand, all inbound connections were listed from b,
but the outbound connection list was empty.

I had to manually replicate things from a1 to b, this way:

samba-tool drs replicate b a1 CN=Configuration,DC=my,DC=dom,DC=ain

(for each of Configuration, ForestDnsZone, ForestDnsZones, and the
whole domain).  Only after that, both ends synchronised the lists
of inbound/outbound connections, and things started working again.

I tried samba-tool drs kcc before the manual sync - it always
reported success.  Also, in the Windows sites and services manager
view, there was a b->a1 link displayed, but not the other way.
After manually syncing things, both links appeared.

Maybe I was impatient and should wait longer than ~12H, dunno.
Either way, this manual sync fixed the missing bits for me.
Maybe it will be helpful for someone else.

/mjt
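
An added example, not part of the original post: a small Python check that reads samba-tool drs showrepl text output, flags inbound links whose source is no longer a live DC (the a0 situation described above), and prints the manual replicate command for each affected naming context. The sample output is constructed and its layout is an assumption; the function names and the live-DC list are hypothetical.

```python
import re

# Constructed sample in the shape of `samba-tool drs showrepl` text output on b
# (layout assumed, GUID lines omitted; names and the error follow the post).
SAMPLE = """\
B\\B
==== INBOUND NEIGHBORS ====
CN=Configuration,DC=my,DC=dom,DC=ain
    A\\A0 via RPC
        Last attempt @ Mon Jan  9 08:00:01 2023 UTC failed, result 2 (WERR_FILE_NOT_FOUND)
DC=my,DC=dom,DC=ain
    A\\A0 via RPC
        Last attempt @ Mon Jan  9 08:00:02 2023 UTC failed, result 2 (WERR_FILE_NOT_FOUND)
==== OUTBOUND NEIGHBORS ====
CN=Configuration,DC=my,DC=dom,DC=ain
    A\\A1 via RPC
        Last attempt @ NTTIME(0) was successful
"""

SECTION = re.compile(r"^==== (.+) ====$")
NEIGHBOR = re.compile(r"^(.+)\\(\S+) via RPC$")       # Site\DC via RPC
FAILED = re.compile(r"failed, result \d+ \((\w+)\)")  # WERR_* status name

def parse_showrepl(text):
    """Return one dict per link: direction, nc, site, dc, error (None if OK)."""
    links, section, nc = [], None, None
    for raw in text.splitlines():
        line = raw.strip()
        if m := SECTION.match(line):
            section = m.group(1)
        elif section in ("INBOUND NEIGHBORS", "OUTBOUND NEIGHBORS"):
            if re.match(r"^(CN|DC)=", line):
                nc = line                      # naming context header
            elif m := NEIGHBOR.match(line):
                links.append({"direction": section.split()[0].lower(), "nc": nc,
                              "site": m.group(1), "dc": m.group(2), "error": None})
            elif (m := FAILED.search(line)) and links:
                links[-1]["error"] = m.group(1)
    return links

def stale_inbound(links, live_dcs):
    """Inbound links whose source is not a known live DC, as (nc, dc, error)."""
    live = {d.lower() for d in live_dcs}
    return [(l["nc"], l["dc"], l["error"]) for l in links
            if l["direction"] == "inbound" and l["dc"].lower() not in live]

def replicate_commands(stale, dest, source):
    """The manual pull from the post, one command per affected naming context."""
    return [f"samba-tool drs replicate {dest} {source} {nc}" for nc, _, _ in stale]

if __name__ == "__main__":
    stale = stale_inbound(parse_showrepl(SAMPLE), ["a1", "b"])  # hypothetical live DCs
    print("\n".join(replicate_commands(stale, "b", "a1")))
```
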


