Hi! In wiki -> https://wiki.samba.org/index.php/Transferring_and_Seizing_FSMO_Roles#Difference_of_Transferring_and_Seizing_FSMO_Roles "If the DC is broken (e. g. hardware defect) and will never come back again, then you can seize the role on a remaining DC. It is very important that the old DC will never be connected to the network again, if it is connected again, this will cause conflicts and lead to an inconsistent AD. This is because the old DC will not notice the change and still feel responsible for tasks related to the role." In my case, the problem is not hardware, but maintenance, but both servers will be connected .... Regards On 06-06-2018 14:58, Rowland Penny via samba wrote:> On Wed, 6 Jun 2018 14:45:03 -0300 > Carlos via samba <samba at lists.samba.org> wrote: > >> But, if you use the "seizi" dc that no longer has the FSMO should be >> removed from the network, right? >> > No, what ever gave you that idea ? > It is true that seizing is mostly used when a DC has died and you > should use 'transfer' where possible, but, as in your case, you can use > 'seize' if needed and keep the DC you are seizing from. > > Rowland > > >
So in theory, you should be able to seize the roles onto the server that you expected would have the role, right? On Wed, Jun 6, 2018 at 11:35 AM, Carlos via samba <samba at lists.samba.org> wrote:> Hi! > > In wiki -> https://wiki.samba.org/index.php/Transferring_and_Seizing_FS > MO_Roles#Difference_of_Transferring_and_Seizing_FSMO_Roles > > "If the DC is broken (e. g. hardware defect) and will never come back > again, then you can seize the role on a remaining DC. It is very important > that the old DC will never be connected to the network again, if it is > connected again, this will cause conflicts and lead to an inconsistent AD. > This is because the old DC will not notice the change and still feel > responsible for tasks related to the role." > > In my case, the problem is not hardware, but maintenance, but both servers > will be connected .... > > Regards > > > > On 06-06-2018 14:58, Rowland Penny via samba wrote: > >> On Wed, 6 Jun 2018 14:45:03 -0300 >> Carlos via samba <samba at lists.samba.org> wrote: >> >> But, if you use the "seizi" dc that no longer has the FSMO should be >>> removed from the network, right? >>> >>> No, what ever gave you that idea ? >> It is true that seizing is mostly used when a DC has died and you >> should use 'transfer' where possible, but, as in your case, you can use >> 'seize' if needed and keep the DC you are seizing from. >> >> Rowland >> >> >> > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba >
On Wed, 6 Jun 2018 15:35:29 -0300 Carlos via samba <samba at lists.samba.org> wrote:> Hi! > > In wiki -> > https://wiki.samba.org/index.php/Transferring_and_Seizing_FSMO_Roles#Difference_of_Transferring_and_Seizing_FSMO_Roles > > "If the DC is broken (e. g. hardware defect) and will never come back > again, then you can seize the role on a remaining DC. It is very > important that the old DC will never be connected to the network > again, if it is connected again, this will cause conflicts and lead > to an inconsistent AD. This is because the old DC will not notice the > change and still feel responsible for tasks related to the role." > > In my case, the problem is not hardware, but maintenance, but both > servers will be connected .... >Well yes, it does say that, but nowhere does it say you cannot seize roles at any time. I did it all the time when I was writing and testing the code to transfer and/or seize the DNS FSMO roles. Just seize the roles!!!!!! samba-tool fsmo seize --force --role=domaindns -U Administrator Rowland
So not the problem of using "seize" when both the OLD-FSMO server and NOVO-FSMo are active and on the network? The problem is to use "seize" if OLD-FSMO is not on the network and then come back? If I understood how it would be .... Regards; On 06-06-2018 15:46, Rowland Penny via samba wrote:> On Wed, 6 Jun 2018 15:35:29 -0300 > Carlos via samba <samba at lists.samba.org> wrote: > >> Hi! >> >> In wiki -> >> https://wiki.samba.org/index.php/Transferring_and_Seizing_FSMO_Roles#Difference_of_Transferring_and_Seizing_FSMO_Roles >> >> "If the DC is broken (e. g. hardware defect) and will never come back >> again, then you can seize the role on a remaining DC. It is very >> important that the old DC will never be connected to the network >> again, if it is connected again, this will cause conflicts and lead >> to an inconsistent AD. This is because the old DC will not notice the >> change and still feel responsible for tasks related to the role." >> >> In my case, the problem is not hardware, but maintenance, but both >> servers will be connected .... >> > Well yes, it does say that, but nowhere does it say you cannot seize > roles at any time. I did it all the time when I was writing and > testing the code to transfer and/or seize the DNS FSMO roles. > > Just seize the roles!!!!!! > > samba-tool fsmo seize --force --role=domaindns -U Administrator > > Rowland > > > >
On Wed, 6 Jun 2018 11:44:47 -0700 Luke Barone via samba <samba at lists.samba.org> wrote:> So in theory, you should be able to seize the roles onto the server > that you expected would have the role, right? >There is no theory about it, you can seize any of the FSMO roles onto any DC, but it is preferred to transfer them. In fact, the seize tries to transfer the role first unless '--force' is given. Rowland