Re: [Samba] Demoting troublesome DC
- Date: Fri, 25 May 2018 17:04:03 +0200
- From: "L.P.H. van Belle via samba" <samba@xxxxxxxxxxxxxxx>
- Subject: Re: [Samba] Demoting troublesome DC
Set on the newest DCs the following.
ldap server require strong auth = no
Should help but its adviced to remove it when your done.
> -----Oorspronkelijk bericht-----
> Van: samba [mailto:samba-bounces@xxxxxxxxxxxxxxx] Namens Paul
> Littlefield via samba
> Verzonden: vrijdag 25 mei 2018 16:46
> Aan: samba@xxxxxxxxxxxxxxx
> Onderwerp: [Samba] Demoting troublesome DC
> I am running in a duplicate test environment of my work domain.
> I have 2 x 4.1 DCs and 2 x 4.7 DCs.
> I have transferred FSMO role to #3 and it is replicating to #4 fine.
> I have demoted #1 which appeared to go fine and have turned it off.
> When I try to demote #2 it fails with the error...
> Using dc3.domain.com as partner server for the demotion
> Password for [DOMAIN\administrator]:
> Desactivating inbound replication
> Asking partner server dc3.domain.com to synchronize from us
> Failed to bind - LDAP error 8 LDAP_STRONG_AUTH_REQUIRED -
> <SASL:[GSS-SPNEGO]: Sign or Seal are required.> <>
> Failed to connect to 'ldap://dc3.domain.com' with backend
> 'ldap': (null)
> Error while demoting, re-enabling inbound replication
> ERROR(ldb): Error while changing account control - None
> ...any ideas?
> My first guess is the difference between Gentoo/Samba 4.1 and
> Thanks in advance.
> Paul Littlefield
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/options/samba
To unsubscribe from this list go to the following URL and read the