[Samba] Cannot delete trust
Stephen Brandli
steve at brandli.com
Mon Feb 17 19:14:27 UTC 2025
Okay,
I have finally narrowed down my problems to a single one. The trust between the two domains I have seems to be broken, and I don't know how to fix it. I am trying to delete the trust, but it won't let me as I will explain. This broken trust appears to be why the file server I set up this weekend is acting up. When I took out the "idmap config ad" entries for the trusted domain, the server acted normally (for the local domain users of course). I want to fix the trust so that the trusted domain's users can also access this server among other things.
Config: Two domains, BRANDLI and BRANDLILAW. Both report the trust between them. samba-tool domain trust validate from a BRANDLI dc using the full domain names (domain.brandlilaw.com) works. Using just brandlilaw does not; same error as #4 attached. Validate from BRANDLILAW segfaults (earlier email). Note that these dc's are all upgrades (actually, new dc's joined to old domains) from buster. However, the trust has been acting up prior to the conversion I believe.
To delete the trust, I shut down all but the FSMO holder for each of the two domains. After each attempt at the delete, I rolled back both domain controllers for the next attempt so that the failed attempt would not be causing further problems. On each domain controller, I tried samba-tool domain trust delete domain.<name>.com, and samba-tool domain trust delete <name>. All four attempts (two on each domain controller) failed. I have attached the results of each of the four attempts. Temple1 is on BRANDLILAW and minister2 is on BRANDLI.
I really need some help here. I don't know how to fix, or get rid of, the trust. At this point, if there is some really good expert who would like a contribution, I would be happy to pay.
Thank you for any pointers you can give me.
Steve
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: Trust Delete Err 1 temple1.txt
URL: <http://lists.samba.org/pipermail/samba/attachments/20250217/cbd40d5f/TrustDeleteErr1temple1.txt>
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: Trust Delete Err 2 temple1.txt
URL: <http://lists.samba.org/pipermail/samba/attachments/20250217/cbd40d5f/TrustDeleteErr2temple1.txt>
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: Trust Delete Err 3 minister2.txt
URL: <http://lists.samba.org/pipermail/samba/attachments/20250217/cbd40d5f/TrustDeleteErr3minister2.txt>
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: Trust Delete Err 4 minister2.txt
URL: <http://lists.samba.org/pipermail/samba/attachments/20250217/cbd40d5f/TrustDeleteErr4minister2.txt>
More information about the samba
mailing list