Re: [Samba] SAMBA failing to start after upgrade
- Date: Fri, 17 Nov 2017 10:06:41 +0000
- From: Rowland Penny via samba <samba@xxxxxxxxxxxxxxx>
- Subject: Re: [Samba] SAMBA failing to start after upgrade
On Fri, 17 Nov 2017 11:38:22 +0200
Harsh Kukreja <h.kukreja@xxxxxxxxxx> wrote:
> The upgrade shouldn't have touched the Samba database, just the
> binaries etc, so check the smb.conf file and recreate it if you cannot
> find it, or if it is incorrect.
> The smb.conf still exists
> workgroup = IUMNET
> realm = IUMNET.EDU.NA
> netbios name = IUMDCDP01
> server role = active directory domain controller
> dns forwarder = 172.16.10.254
> domain master = yes
> preferred master = yes
> # server services = +s3fs,+dnsupdate,+dns,+winbind,+kdc,+ldap
> password server = 172.16.10.5
> allow dns updates = nonsecure and secure
> # lanman auth = Yes
> # client lanman auth = Yes
> ntlm auth = yes
> client use spnego = no
> client ldap sasl wrapping = sign
> # ldap ssl ads = yes
> # ldap ssl = start tls
> ldap server require strong auth = no
> # wins server = iumnet.edu.na
> # wins support = Yes
> time server = Yes
> template shell = /bin/bash
> template homedir = /home/%U
> # idmap config * : backend = tdb
> # idmap config *:range = 50000-1000000
> full_audit:prefix = %u|%I|%m|%S
> full_audit:failure = connect
> full_audit:success = connect disconnect
> seize the FSMO roles to another DC, forcibly demote the dead DC
> Please help with the commands to seize the FSMO roles to another DC
> and forcibly demote the dead DC.
OK, open a terminal on the DC you want to seize the FSMO roles to.
Type 'samba-tool --help'
This will show you the sub-commands available, the first one you want
is 'fsmo', so enter 'samba-tool fsmo --help'
This will display:
Usage: samba-tool fsmo <subcommand>
Flexible Single Master Operations (FSMO) roles management.
-h, --help show this help message and exit
seize - Seize the role.
show - Show the roles.
transfer - Transfer the role.
For more help on a specific subcommand, please type: samba-tool fsmo <subcommand> (-h|--help)
Now enter 'samba-tool fsmo seize --help'
>From the output of the above command, you should be able to work out
the command to seize the FSMO roles to this DC is:
samba-tool fsmo seize --role=all --force -UAdministrator
You will be prompted for a password
The roles should be now be 'seized' to this DC.
You can use another user instead of 'Administrator', but the user must
have the required permissions.
you use '--force' to stop the command trying to transfer the roles,
this will fail because the old DC is offline, so why bother ;-)
I will leave you to work out how to remove the other dead server, but
as a hint, it is under 'samba-tool domain'
To unsubscribe from this list go to the following URL and read the