Web lists-archives.com

[Samba] Demoting troublesome DC




Hello,

I am running in a duplicate test environment of my work domain.

I have 2 x 4.1 DCs and 2 x 4.7 DCs.

I have transferred FSMO role to #3 and it is replicating to #4 fine.

I have demoted #1 which appeared to go fine and have turned it off.

When I try to demote #2 it fails with the error...


Using dc3.domain.com as partner server for the demotion
Password for [DOMAIN\administrator]:
Desactivating inbound replication
Asking partner server dc3.domain.com to synchronize from us
Failed to bind - LDAP error 8 LDAP_STRONG_AUTH_REQUIRED -  <SASL:[GSS-SPNEGO]: Sign or Seal are required.> <>
Failed to connect to 'ldap://dc3.domain.com' with backend 'ldap': (null)
Error while demoting, re-enabling inbound replication
ERROR(ldb): Error while changing account control - None


...any ideas?

My first guess is the difference between Gentoo/Samba 4.1 and Ubuntu/4.7

Thanks in advance.

--

Paul Littlefield


--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba