samba - Nov 2022 - accidentally upgraded DC to 4.17.3 ... didn't work

Am 24.11.22 um 11:12 schrieb Stefan G. Weichinger via samba:
> "dbcheck" lists old components for ADC1, but no errors.
ran dbcheck with --fix etc, cleared some errors

demoted adc1 again

join:

seems to work mostly, but look at adc2:/var/log/samba/log.samba:


[2022/11/24 12:08:32.516992,  0] 
../../source4/librpc/rpc/dcerpc_util.c:681(dcerpc_pipe_auth_recv)
   Failed to bind to uuid e3514235-4b06-11d1-ab04-00c04fc2dcd2 for 
ncacn_ip_tcp:10.0.0.231[49153,seal,krb5,target_hostname=2ea0c6cd-cc15-4db7-8fe3-378491fc08e8._msdcs.arbeitsgruppe.my.tld,target_principal=GC/adc1.arbeitsgruppe.my.tld/arbeitsgruppe.my.tld,abstract_syntax=e3514235-4b06-11d1-ab04-00c04fc2dcd2/0x00000004,localaddress=10.0.0.230]
NT_STATUS_UNSUCCESSFUL
[2022/11/24 12:08:32.577452,  2] 
../../source4/librpc/rpc/dcerpc.c:1150(dcerpc_bind_recv_handler)
   dcerpc: bind_nak reason 0 - NT_STATUS_UNSUCCESSFUL


somehow the 2 DCs can't talk to each other?

Am 24.11.22 um 12:10 schrieb Stefan G. Weichinger via
samba:
> Am 24.11.22 um 11:12 schrieb Stefan G. Weichinger via samba:
> somehow the 2 DCs can't talk to each other?
I assume that somehow the adc1 comes with a wrong "identity" somehow.

"samba-tool dbcheck --cross-nc --fix" on adc2 works ok.

But there is some mismatch:

[2022/11/24 12:37:11.755128,  1] 
../../source4/dsdb/common/util.c:4978(dsdb_validate_dsa_guid)
   ../../source4/dsdb/common/util.c:4978: Failed to find DSA objectGUID 
afe62553-1846-4d35-96c1-1b939cec36f2 for sid 
S-1-5-21-2777655458-4002997014-749295002-5650

I assume I have to remove something from LDAP or so ... pls advise.

(short and nervous lunch now)