Web lists-archives.com

Re: [Samba] Remove stale DRS replication partner




On 6/26/2017 4:35 PM, Johannes Engel wrote:
Hi James,

thanks a lot for your hint. However, I seem to be unable to find it there. Can you please be a little more specific?
I tried to check the replication topology, but no success.
Thanks a lot!

Best regards
Johannes

lingpanda101 via samba <samba@xxxxxxxxxxxxxxx <mailto:samba@xxxxxxxxxxxxxxx>> schrieb am Mo., 26. Juni 2017 um 20:52 Uhr:

    On 6/26/2017 2:43 PM, Johannes Engel via samba wrote:
    > Dear list,
    >
    > After (almost) successfully removing a dead DC from my domain I
    am left
    > with only one visible symptom:
    > samba-tool drs showrepl shows two stale outbound link for one of the
    > remaining 2 DCs:
    > DC=DomainDnsZones,DC=subdom,DC=mydom,DC=com
    >          NTDS DN: CN=NTDS
    >
    Settings\0ADEL:09210f3d-dab9-4a69-92ca-b11e93845367,CN=DC3\0ADEL:591e8395-a414-4bca-99a0-8cb195417493,CN=Servers,CN=Location,CN=Sites,CN=Configuration,DC=subdom,DC=mydom,DC=com
    >                  DSA object GUID:
    09210f3d-dab9-4a69-92ca-b11e93845367
    >                  Last attempt @ Mon Jun 26 17:26:27 2017 CEST
    failed, result
    > 2 (WERR_FILE_NOT_FOUND)
    >                  2001797 consecutive failure(s).
    >                  Last success @ Sat Jan  7 15:22:31 2017 CET
    >
    > I tried already the samba-tool emergency way using
    > DC2# samba-tool domain demote
    > --remove-other-dead-server=09210f3d-dab9-4a69-92ca-b11e93845367
    > ERROR: Demote failed: DemoteException:
    09210f3d-dab9-4a69-92ca-b11e93845367
    > is not an AD DC in subdom.mydom.com <http://subdom.mydom.com>
    >
    > Same using the server's name instead of the GUID.
    > How can I remove this connection from the replication?
    >
    > Any help appreciated.
    >
    > Best regards
    > Johannes

    You can remove the orphaned NTDS connection using Windows Sites and
    Services application.

    --
    --
    James


    --
    To unsubscribe from this list go to the following URL and read the
    instructions: https://lists.samba.org/mailman/options/samba

I'll try, but I'm not sure if you have more then one site. Open Sites & Services. One the the left you may only see 'Default-First-Site-Name'. Click the arrow to expand 'Default-First-Site-Name'. Next click the arrow to expand 'Servers'. You should see one or more servers. Click the arrow next the the DC that continues to display the demoted NTDS settings when running 'showrepl'. You should now see 'NTDS Settings' under the DC. You can now right click and delete any 'automatically generated' site link not needed on the right pane or altogether delete the 'NTDS settings' under the DC you expanded.

If you see the actual DC you demoted when expanding 'Default-First-Site-Name', go ahead and delete it as well. Use caution when deleting a DC. Make sure it's the one no longer part of your domain. If in doubt on any of these steps, ask on the list.

--
--
James

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba