Web lists-archives.com

Re: [Samba] Demoting troublesome DC




Set on the  newest DCs the following.

        ldap server require strong auth = no
 
Should help but its adviced to remove it when your done. 

Greetz, 

Louis



> -----Oorspronkelijk bericht-----
> Van: samba [mailto:samba-bounces@xxxxxxxxxxxxxxx] Namens Paul 
> Littlefield via samba
> Verzonden: vrijdag 25 mei 2018 16:46
> Aan: samba@xxxxxxxxxxxxxxx
> Onderwerp: [Samba] Demoting troublesome DC
> 
> Hello,
> 
> I am running in a duplicate test environment of my work domain.
> 
> I have 2 x 4.1 DCs and 2 x 4.7 DCs.
> 
> I have transferred FSMO role to #3 and it is replicating to #4 fine.
> 
> I have demoted #1 which appeared to go fine and have turned it off.
> 
> When I try to demote #2 it fails with the error...
> 
> 
> Using dc3.domain.com as partner server for the demotion
> Password for [DOMAIN\administrator]:
> Desactivating inbound replication
> Asking partner server dc3.domain.com to synchronize from us
> Failed to bind - LDAP error 8 LDAP_STRONG_AUTH_REQUIRED -  
> <SASL:[GSS-SPNEGO]: Sign or Seal are required.> <>
> Failed to connect to 'ldap://dc3.domain.com' with backend 
> 'ldap': (null)
> Error while demoting, re-enabling inbound replication
> ERROR(ldb): Error while changing account control - None
> 
> 
> ...any ideas?
> 
> My first guess is the difference between Gentoo/Samba 4.1 and 
> Ubuntu/4.7
> 
> Thanks in advance.
> 
> -- 
> 
> Paul Littlefield
> 
> 
> -- 
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba
> 
> 


-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba