[Samba] How to cleanly remove a DC from Samba domain?
Rowland Penny
rpenny at samba.org
Mon May 29 10:30:04 UTC 2023
On 29/05/2023 11:12, Alexandros Karypidis via samba wrote:
> I connected to LDAP via Apache Directory Studio and it seems that the child node under the computer account is an RID set:
>
> CN=RID Set,CN=DC2,CN=Computers,DC=ad,DC=home,DC=lan
>
> Is this an omission of the demotion process? Should this havfe been removed? Is it safe for me to delete this and try the "sambal-tool computer delete DC2" again?
>
Your DC should be running when you demote it, otherwise you should have
demoted it from another DC with the
'--remove-other-dead-server=The_DC_you_stopped' switch.
As each DC gets its own RID pool, you should be able to delete the old,
demoted DC's 'CN=RID Set,......'
However, I am unsure if this is possible, mainly because I haven't tried it.
As you have backups, give it a try and report back.
Rowland
More information about the samba
mailing list