samba - Aug 2020 - Switching roles between 2 DCs

Being a newbie to Samba 4 and OpenLDAP I am setting up a DC going
exactly by the rules, testing and taking my time. I got to the point
where I would switch, just testing, roles from DC1 to DC2 and vice
versa. Switching all roles from DC1 to DC2 was a piece of cake,
reswitching "domaindns" and "forestdns" to DC1 wasn't,
though:

samba-tool fsmo transfer --role=domaindns -k yes
Password for [MY_DOMAIN\root]:
Failed to bind - LDAP client internal error: NT_STATUS_LOGON_FAILURE
Failed to connect to
'ldap://1b3fd128-1bd3-40fb-bc6c-9f943cac6e9e._msdcs.MY_DOMAIN.NEW' with
backend 'ldap': LDAP client internal error: NT_STATUS_LOGON_FAILURE
ERROR(ldb): uncaught exception - LDAP client internal error:
NT_STATUS_LOGON_FAILURE
? File "/usr/lib/python2.7/dist-packages/samba/netcmd/__init__.py",
line
177, in _run? ?? return self.run(*args, **kwargs)
? File "/usr/lib/python2.7/dist-packages/samba/netcmd/fsmo.py", line
528, in run? ?? transfer_dns_role(self.outf, sambaopts, credopts, role,
samdb)
? File "/usr/lib/python2.7/dist-packages/samba/netcmd/fsmo.py", line
104, in transfer_dns_role? ?? credentials=creds, lp=lp)
? File "/usr/lib/python2.7/dist-packages/samba/samdb.py", line 64, in
__init__??? options=options)
? File "/usr/lib/python2.7/dist-packages/samba/__init__.py", line 115,
in __init__??? self.connect(url, flags, options)
? File "/usr/lib/python2.7/dist-packages/samba/samdb.py", line 79, in
connect??? options=options)

Any ideas?

Thank you

Lothar Schilling

On 11/08/2020 14:01, Lothar Schilling via samba wrote:
> samba-tool fsmo transfer --role=domaindns -k yes
> Password for [MY_DOMAIN\root]:
>
>
> Any ideas?
Yes, run 'kinit Administrator' before you run the samba-tool command.

Rowland

Yep, that did it, thanks a lot, "-k yes" wasn't good enough. There
now
was another error, though:

ERROR(<type 'exceptions.AttributeError'>): uncaught exception -
'module'
object has no attribute 'drs_utils'

The solution offered and working is inserting

? import samba
? import samba.getopt as options
? import ldb
+import samba.drs_utils
? from ldb import LdbError

into

/usr/lib/python2.7/dist-packages/samba/netcmd/fsmo.py

Lothar

Am 11.08.2020 um 15:36 schrieb Rowland penny via samba:
> On 11/08/2020 14:01, Lothar Schilling via samba wrote:
>> samba-tool fsmo transfer --role=domaindns -k yes
>> Password for [MY_DOMAIN\root]:
>>
>> Any ideas?
>
> Yes, run 'kinit Administrator' before you run the samba-tool
command.
>
> Rowland
>
>
>