Re: [Samba] Cleaning up old DC DNS records
- Date: Thu, 14 Sep 2017 09:59:06 -0400
- From: Patrick Lepore via samba <samba@xxxxxxxxxxxxxxx>
- Subject: Re: [Samba] Cleaning up old DC DNS records
Ok, I'll clean up those records manually.
On Wed, Sep 6, 2017 at 5:42 AM, Andrew Bartlett <abartlet@xxxxxxxxx> wrote:
> On Tue, 2017-09-05 at 18:39 -0400, Patrick Lepore via samba wrote:
> > Hi, I demoted a running domain controller by running the samba-tool
> > command on the running system to be demoted and there's still some DNS
> > entries for the old one kicking around. It's still listed under _msdcs
> > also _kerberos._udp and _ldap._tcp.
> > Should I manually remove them?
> > If so, is there a list of spots to look in
> > for DNS entries of old DCs?
> The remove-other-dead-server option looks for records pointing at the
> AD record of the demoted DC.
> > Also, does the fact that these entries weren't removed indicate I had
> > something misconfigured on the to-be-removed system or I screwed up the
> > demotion procedures?
> If you used the --remove-other-dead-server option, it would have
> removed them. The online removal isn't as complete.
> I've scoped out the work (on behalf of a client) to make the dynamic
> records expire, to have a cleanup and to make the online cleanup more
> thorough, but for now that is how it is.
> Andrew Bartlett
> Andrew Bartlett http://samba.org/~abartlet/
> Authentication Developer, Samba Team http://samba.org
> Samba Developer, Catalyst IT http://catalyst.net.nz/
To unsubscribe from this list go to the following URL and read the