[Samba] Transferring fsmo roles to new DC2

Michael Tokarev mjt at tls.msk.ru
Mon Jan 16 10:31:31 UTC 2023

16.01.2023 13:16, Callum G. MacEwan via samba wrote:
> Hi Team
> I am transferring to a new AD DC
> So I started transferring the fsmo roles; the first five transferred fine, but the domaindns and forestdns had the following error!
> root@DC2:/etc/sudoers.d# samba-tool fsmo transfer --role=forestdns -UAdministrator
> Password for [BALEWAN\Administrator]:
> ERROR: Failed to add role 'forestdns': LDAP error 16 LDAP_NO_SUCH_ATTRIBUTE -  <attribute 'fSMORoleOwner': no matching attribute value while deleting 
> attribute on 'CN=Infrastructure,DC=ForestDnsZones,DC=balewan,DC=pegasusnz,DC=com'> <>

This is exactly the message I was seeing when trying to transfer FSMO roles.
Rowland said it is due to me using an unsupported configuration.
Probably you too are using something unsupported ;))

> What's the best thing to resolve this? seize the roles perhaps?

I ended up stealing FSMO roles from another DC, with removing this one.
It brought some other issues (not removing stale DNS record for the old
DC, and non-working inter-DC replication, both can be fixed by manually
doing things).

I'd not say this is the best way though. The best way is to find the bug
in samba and fix it.


