[Samba] transferring FSMO to new DC failing with domaindns and forestdns
Daniel Christie
dchristienz at gmail.com
Wed Jun 25 20:59:25 UTC 2025
Yeah bad sanitising
On Thu, 26 Jun 2025, 8:14 am Rowland Penny via samba, <samba at lists.samba.org>
wrote:
> On Mon, 23 Jun 2025 22:54:01 +1200
> Daniel Christie via samba <samba at lists.samba.org> wrote:
>
> Sorry to be a bit late in replying, but I have been trying to get my
> head around code I wrote 10 years ago.
>
> > *sudo ldbsearch --cross-ncs -H /var/lib/samba/private/sam.ldb -P -b
> > 'CN=infrastructure,DC=DomainDnsZones,DC=home,DC=domain,DC=com' -s s*
> > *ub '(fSMORoleOwner=*)' fSMORoleOwner*
> > # record 1
> > dn: CN=Infrastructure,DC=DomainDnsZones,DC=home,DC=domain,DC=com
> > fSMORoleOwner: CN=NTDS
> > Settings,CN=DC1,CN=Servers,CN=Mears,CN=Sites,CN=Configu
> > ration,DC=home,DC=krust,DC=kiwi
>
> Is that bad sanitising ? 'DC=home,DC=domain,DC=com' in the DN has
> become 'DC=home,DC=krust,DC=kiwi' in the attribute, if it isn't, then
> that is probably your problem.
>
> If all else fails try seizing the domaindns and forestdns roles to the
> new DC and then demote the old DC.
>
> NOTE: You will have to use '--force' with the seize command, or it will
> try to transfer the role first.
>
> Rowland
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/options/samba
>
More information about the samba
mailing list