Re: [Samba] after a couple of year of success is not possible to add workstations to domain

*/Hi all,
     after a couple of year of successfully working samba AD DC is
not possible to add workstations to domain
since a few day ago in windows i get a messagge complaining that the
account previously exists. ant that to try access with a different
account. after some investigation i found that the backupDC  was in
hardware fault. the primary seems to work great, but still unable to
add workstation to domain.
seems like something is missing,
samba version is 4.7.4(upgraded during investigation)

any advice ? where to look ?

One of the problems here is that you are thinking in terms of 'primary'
and 'backup' DCs. You haven't got a 'primary' DC or a 'backup' DC, you
just have two DCs and they should both contain exactly the same data in
AD. Problem is, when your second DC became faulty, it may have
corrupted AD on the DC and then replicated this corruption to the
first DC.

I would turn off the faulty DC (if it is still running), demote the
dead DC and then run 'samba-tool dbcheck'

But, before I tried to do anything, I would ensure that the first DC
was fully backed up.


thank you Rowland for your answer.,
i understend what you mean regarding DC, there was just two dc.
the faulty DC is no more in our datacenter(disk dead)
so i have one DC that is corrupted, i have a backup, but only after corruption.
dbcheck is good, even with ncs option, 0 errors
any other advice to check ?

