I followed the "Demoting_a_Samba_AD_DC" on the Samba Wiki. After demoting the online controller and receiving a "successful" notation I scrolled down to the "Verifying The Demotion" via the listed Windows RSAT. The controller was not listed as a domain controller any more. Only the remaining two DC's appeared. Great! The "Active Directory Sites and Services" still listed the old dc but, there was no "NTDS Settings" listed as related to it. So, I right clicked and deleted. Then I began looking in the DNS Manager application and under "_ msdc.samdom.example.com" there are a lot of listing still showing the old DC. First on the list is the "Start od Authority (SOA)" record. Many within the "Forward lookup zone" under my domain name. Also under the "Reverse Lookup Zones." Will these DNS listings clear themselves with time or do I have a problem here? -- Thank you. Bob Wooden
On Thu, 2018-03-08 at 17:49 -0600, Robert Wooden via samba wrote:> Will these DNS listings clear themselves with time or do I have a problem > here?They won't clear themselves, but Samba 4.9 in September will have tools to clear this up better (a client has asked me to make this behave better, so we are improving Samba in this area). A 'samba-tool dns cleanup' command has already landed in master that will remove references. Finally the SOA isn't an issue any longer as in Samba 4.7 that will beover-stamped with the current server name. Andrew Bartlett -- Andrew Bartlett https://samba.org/~abartlet/ Authentication Developer, Samba Team https://samba.org Samba Development and Support, Catalyst IT https://catalyst.net.nz/services/samba
So, for now, should I work my way through the DNS manager and delete any references for the old dc manually or just leave it alone? On Thu, Mar 8, 2018 at 6:16 PM, Andrew Bartlett <abartlet at samba.org> wrote:> On Thu, 2018-03-08 at 17:49 -0600, Robert Wooden via samba wrote: > > Will these DNS listings clear themselves with time or do I have a problem > > here? > > They won't clear themselves, but Samba 4.9 in September will have tools > to clear this up better (a client has asked me to make this behave > better, so we are improving Samba in this area). > > A 'samba-tool dns cleanup' command has already landed in master that > will remove references. > > Finally the SOA isn't an issue any longer as in Samba 4.7 that will > beover-stamped with the current server name. > > Andrew Bartlett > > -- > Andrew Bartlett > https://samba.org/~abartlet/ > Authentication Developer, Samba Team https://samba.org > Samba Development and Support, Catalyst IT > https://catalyst.net.nz/services/samba > > > > >-- Thank you. Bob Wooden Toll-Free 1.844.DTROPHY (844.387.6749) Local 615.885.2846 www.donelsontrophy.com *"Everyone deserves an award!!"*