Web lists-archives.com

Re: [Samba] Problem with demoting, new dc and replic

On 5/17/2018 2:21 PM, Rowland Penny via samba wrote:
On Thu, 17 May 2018 13:11:36 -0400
lingpanda101 via samba <samba@xxxxxxxxxxxxxxx> wrote:

On 5/17/2018 12:45 PM, Carlos Bordon via samba wrote:

i have 3 dcs with samba

i demote bdc and replace it with dc2 with de same ip

the replicate with dc1 is ok, and the replicate of dc3 with dc1 is

the problem is in dc2 with dc3

i found the problem, but i dont known how fixes

when i do samba-tools drs showrepl in dc3

i see in connection appears the old dc named bdc and dont appears
the new, dc2

i try with samba-tool drs replicate but nothing change

any idea?

thanks for exist!
It sounds like after demote Samba was not able to remove some
lingering objects.

You should remove any entries with the name bdc in your DNS. Look in
your domain zone as well as _msdcs.cimg.local. Search all sub folders
(ie., _sites,_tcp ect.)I find its easier to use Microsoft DNS manager
for this.

Confirm in Active Directory Users and Computers that the DC bdc is
deleted from the 'Domain Controllers' OU.

Finally open Active Directory Sites and Services and expand
'Default-First-Site-Name'. Delete the bdc server if it exists. Expand
dc1 and dc3 and remove any 'automatically generated' site links
referencing bdc if they exist.  Use cation and double check before
deleting that it's bdc you are deleting.

Finally let the other DC's replicate the changes you made for a few
minutes. It should be relatively instant but just to be sure wait.
Then run '/samba/sbin/samba_dnsupdate' on dc2.

Apart from the possible 'bdc' records in AD, I don't think you have a
replication problem. I say possible 'bdc' records, because they could
be tombstones and you cannot easily delete them.

Coming back to the replication, from what you have posted, you have this

          Matriz site        Filail site
             DC1 --------------- DC3

You don't actually want replication between DC2 & DC3, this would
mean using the WAN link. DC2 would replicate to DC1 (and
visa versa), DC1 would replicate to DC3 (and visa versa again).


 Carlos last reply wasn't on the list but he was able to delete the records. He was still showing bdc on samba-tool drs showrepl'. These are in fact stale records from the sound of it.

You topology seems correct from my understanding. However similar to mine, I do create 'Inter-Site Transport' links across WAN links. But I adjust the cost so as not use the WAN but only in failure or extreme latency issues.


To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba