On 12/07/16 13:33, Jason Waters wrote:> This is what I would do. > > 1. Make sure everything is off of the 2008 machine so you don't need to > turn it back on > 2. Shut down the 2008 machine > 2.5 Update your DNS on the samba machine to be the samba machine, not the > 2008 DC > 3. Test everything and make sure samba is fully working on your domain > 4. Test everything again > 5. Test! > 6. Seize the roles on your samba machine, samba-tool fsmo seize --force > --role=all -Uadministrator > I don't think you need the -U, but just in caseYes you do, it is required if you are transferring or seizing the DNS FSMO roles.> 7. Reboot that machine and make sure everything looks good > 8. make sure samba-tool fsmo show, shows all 7 roles of the samba machine > 9. From a workstation, run the Metadata clean.vbs script. This will remove > the replication to the now off 2008 DCThis is what 'samba-tool domain demote --remove-other-dead-server=REMOVE_OTHER_DEAD_SERVER' does on Samba 4.4.0 up Rowland> 10. Reboot the samba box > 11. run samba-tool drs showrepl and it shouldn't show any partners > 12. Once that is done you should just have samba. You can then add more > DC's with > > samba-tool domain join domain.local DC -UAdministrator > > and any other options you need. > > >
I will test this Thanks ;-) Anderson Hoffmann do Carmo MCP | MTA | MCDST | MCTS | MCSA | MS | MOS | ITIL-F | ISFS | CLOUDF | CI-SCS | VCA-DCV | 2016-07-12 9:45 GMT-03:00 Rowland penny <rpenny at samba.org>:> On 12/07/16 13:33, Jason Waters wrote: > >> This is what I would do. >> >> 1. Make sure everything is off of the 2008 machine so you don't need to >> turn it back on >> 2. Shut down the 2008 machine >> 2.5 Update your DNS on the samba machine to be the samba machine, not the >> 2008 DC >> 3. Test everything and make sure samba is fully working on your domain >> 4. Test everything again >> 5. Test! >> 6. Seize the roles on your samba machine, samba-tool fsmo seize --force >> --role=all -Uadministrator >> I don't think you need the -U, but just in case >> > > Yes you do, it is required if you are transferring or seizing the DNS FSMO > roles. > > 7. Reboot that machine and make sure everything looks good >> 8. make sure samba-tool fsmo show, shows all 7 roles of the samba machine >> 9. From a workstation, run the Metadata clean.vbs script. This will >> remove >> the replication to the now off 2008 DC >> > > This is what 'samba-tool domain demote > --remove-other-dead-server=REMOVE_OTHER_DEAD_SERVER' does on Samba 4.4.0 up > > Rowland > > 10. Reboot the samba box >> 11. run samba-tool drs showrepl and it shouldn't show any partners >> 12. Once that is done you should just have samba. You can then add more >> DC's with >> >> samba-tool domain join domain.local DC -UAdministrator >> >> and any other options you need. >> >> >> >> > > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba >
Hi Jason/Rowland Great news! the following procedure worked perfectly... I added at the end "Remove manually Windows DC entries in DNS" The script used in step 9 was " https://gallery.technet.microsoft.com/scriptcenter/d31f091f-2642-4ede-9f97-0e1cc4d577f3 " *Very thanks for all!* Anderson Hoffmann do Carmo MCP | MTA | MCDST | MCTS | MCSA | MS | MOS | ITIL-F | ISFS | CLOUDF | CI-SCS | VCA-DCV | 2016-07-12 9:55 GMT-03:00 Anderson Hoffmann do Carmo < anderson.hoffmann at gsurfnet.com>:> I will test this > Thanks ;-) > > Anderson Hoffmann do Carmo > MCP | MTA | MCDST | MCTS | MCSA | MS | MOS | > ITIL-F | ISFS | CLOUDF | CI-SCS | VCA-DCV | > > > > 2016-07-12 9:45 GMT-03:00 Rowland penny <rpenny at samba.org>: > >> On 12/07/16 13:33, Jason Waters wrote: >> >>> This is what I would do. >>> >>> 1. Make sure everything is off of the 2008 machine so you don't need to >>> turn it back on >>> 2. Shut down the 2008 machine >>> 2.5 Update your DNS on the samba machine to be the samba machine, not the >>> 2008 DC >>> 3. Test everything and make sure samba is fully working on your domain >>> 4. Test everything again >>> 5. Test! >>> 6. Seize the roles on your samba machine, samba-tool fsmo seize --force >>> --role=all -Uadministrator >>> I don't think you need the -U, but just in case >>> >> >> Yes you do, it is required if you are transferring or seizing the DNS >> FSMO roles. >> >> 7. Reboot that machine and make sure everything looks good >>> 8. make sure samba-tool fsmo show, shows all 7 roles of the samba machine >>> 9. From a workstation, run the Metadata clean.vbs script. This will >>> remove >>> the replication to the now off 2008 DC >>> >> >> This is what 'samba-tool domain demote >> --remove-other-dead-server=REMOVE_OTHER_DEAD_SERVER' does on Samba 4.4.0 up >> >> Rowland >> >> 10. Reboot the samba box >>> 11. run samba-tool drs showrepl and it shouldn't show any partners >>> 12. Once that is done you should just have samba. You can then add more >>> DC's with >>> >>> samba-tool domain join domain.local DC -UAdministrator >>> >>> and any other options you need. >>> >>> >>> >>> >> >> -- >> To unsubscribe from this list go to the following URL and read the >> instructions: https://lists.samba.org/mailman/options/samba >> > >