hi .
a DC server has been physically moved to another site and network, without
notify me!
So now I have the new DC with different ip address.
This DC is part of multi DC Domain Enviroment.
I tyried to follows this instruction :
https://wiki.samba.org/index.php/Changing_the_IP_Address_of_a_Samba_AD_DC
It can ping the other DC's :
root at exme-dc:~# ping dc1.wdc.DOMAIN.it
PING dc1.wdc.DOMAIN.it (172.32.1.6) 56(84) bytes of data.
64 bytes from 172.32.1.6 (172.32.1.6): icmp_seq=1 ttl=62 time=23.0 ms
64 bytes from 172.32.1.6 (172.32.1.6): icmp_seq=2 ttl=62 time=22.6 ms
^C
but when trying to demote I get ( expected ) error:
root at exme-dc:~# samba-tool domain demote -U administrator
Using dc1.wdc.DOMAIN.it as partner server for the demotion
Password for [WDC\administrator]:
Deactivating inbound replication
Asking partner server dc1.wdc.DOMAIN.it to synchronize from us
Error while replicating out last local changes from
'CN=Schema,CN=Configuration,DC=wdc,DC=DOMAIN,DC=it' for demotion,
re-enabling inbound replication
ERROR(<class 'samba.NTSTATUSError'>): Error while sending a
DsReplicaSync for partition
'CN=Schema,CN=Configuration,DC=wdc,DC=DOMAIN,DC=it' - (3221225653,
'{Device Timeout} The specified I/O operation on %hs was not completed
before the time-out period expired.')
root at exme-dc:~#
Any suggestion how to workaround this situation?
thank's
rf
Corso Martiri della Liberazione 114 - 23900 Lecco - ITALY - | 4801 Glenwood
Avenue - Suite 200 - Raleigh, NC 27612 - USA -
Tel +39 0341 220 205 - info.it at yetopen.com | Phone +1 919-817-8106 - info.us
at yetopen.com
Think green - Non stampare questa e-mail se non necessario / Don't print
this email unless necessary
-------- D.Lgs. 196/2003 e GDPR 679/2016 --------
Tutte le informazioni contenute in questo messaggio sono riservate ed a uso
esclusivo del destinatario.
Tutte le informazioni ivi contenute, compresi eventuali allegati, sono da
ritenere confidenziali e riservate secondo i termini
del vigente D.Lgs. 196/2003 in materia di privacy e del Regolamento europeo
679/2016 - GDPR - e quindi ne e' proibita l'utilizzazione ulteriore non
autorizzata.
Nel caso in cui questo messaggio Le fosse pervenuto per errore, La invitiamo ad
eliminarlo senza copiarlo, stamparlo, a non inoltrarlo a terzi e ad avvertirci
non appena possibile.
Grazie.
Confidentiality notice: this email message including any attachment is for the
sole use of the intended recipient and may contain confidential and privileged
information;
pursuant to Legislative Decree 196/2003 and the European General Data Protection
Regulation 679/2016 - GDPR - any unauthorized review, use, disclosure or
distribution
is prohibited. If you are not the intended recepient please delete this message
without copying, printing or forwarding it to others, and alert us as soon as
possible.
Thank you.
On Tue, 18 Feb 2025 11:19:05 +0100 (CET) Fabrizio Rompani via samba <samba at lists.samba.org> wrote:> hi . > a DC server has been physically moved to another site and network, > without notify me! > > So now I have the new DC with different ip address. > This DC is part of multi DC Domain Enviroment. > > I tyried to follows this instruction : > https://wiki.samba.org/index.php/Changing_the_IP_Address_of_a_Samba_AD_DC > > It can ping the other DC's : > root at exme-dc:~# ping dc1.wdc.DOMAIN.it > PING dc1.wdc.DOMAIN.it (172.32.1.6) 56(84) bytes of data. > 64 bytes from 172.32.1.6 (172.32.1.6): icmp_seq=1 ttl=62 time=23.0 ms > 64 bytes from 172.32.1.6 (172.32.1.6): icmp_seq=2 ttl=62 time=22.6 ms > ^C > > but when trying to demote I get ( expected ) error: > > root at exme-dc:~# samba-tool domain demote -U administrator > Using dc1.wdc.DOMAIN.it as partner server for the demotion > Password for [WDC\administrator]: > Deactivating inbound replication > Asking partner server dc1.wdc.DOMAIN.it to synchronize from us > Error while replicating out last local changes from > 'CN=Schema,CN=Configuration,DC=wdc,DC=DOMAIN,DC=it' for demotion, > re-enabling inbound replication ERROR(<class 'samba.NTSTATUSError'>): > Error while sending a DsReplicaSync for partition > 'CN=Schema,CN=Configuration,DC=wdc,DC=DOMAIN,DC=it' - (3221225653, > '{Device Timeout} The specified I/O operation on %hs was not > completed before the time-out period expired.') root at exme-dc:~# > > Any suggestion how to workaround this situation? > thank's > rf >Shutdown the DC. Forcibly demote the DC from the domain with: samba-tool domain demote --remove-other-dead-server=exme-dc Once the DC is demoted, ensure it is never started again. I would also suggest that you give your DCs fixed IPs, so it never happens again. Rowland
thank's Roland.
rf
Da: "Fabrizio Rompani" <fabrizio.rompani at yetopen.com>
A: "samba" <samba at lists.samba.org>
Inviato: Marted?, 18 febbraio 2025 11:19:05
Oggetto: Change IP to DC
hi .
a DC server has been physically moved to another site and network, without
notify me!
So now I have the new DC with different ip address.
This DC is part of multi DC Domain Enviroment.
I tyried to follows this instruction :
https://wiki.samba.org/index.php/Changing_the_IP_Address_of_a_Samba_AD_DC
It can ping the other DC's :
root at exme-dc:~# ping dc1.wdc.DOMAIN.it
PING dc1.wdc.DOMAIN.it (172.32.1.6) 56(84) bytes of data.
64 bytes from 172.32.1.6 (172.32.1.6): icmp_seq=1 ttl=62 time=23.0 ms
64 bytes from 172.32.1.6 (172.32.1.6): icmp_seq=2 ttl=62 time=22.6 ms
^C
but when trying to demote I get ( expected ) error:
root at exme-dc:~# samba-tool domain demote -U administrator
Using dc1.wdc.DOMAIN.it as partner server for the demotion
Password for [WDC\administrator]:
Deactivating inbound replication
Asking partner server dc1.wdc.DOMAIN.it to synchronize from us
Error while replicating out last local changes from
'CN=Schema,CN=Configuration,DC=wdc,DC=DOMAIN,DC=it' for demotion,
re-enabling inbound replication
ERROR(<class 'samba.NTSTATUSError'>): Error while sending a
DsReplicaSync for partition
'CN=Schema,CN=Configuration,DC=wdc,DC=DOMAIN,DC=it' - (3221225653,
'{Device Timeout} The specified I/O operation on %hs was not completed
before the time-out period expired.')
root at exme-dc:~#
Any suggestion how to workaround this situation?
thank's
rf
Corso Martiri della Liberazione 114 - 23900 Lecco - ITALY - | 4801 Glenwood
Avenue - Suite 200 - Raleigh, NC 27612 - USA -
Tel +39 0341 220 205 - info.it at yetopen.com | Phone +1 919-817-8106 - info.us
at yetopen.com
Think green - Non stampare questa e-mail se non necessario / Don't print
this email unless necessary
-------- D.Lgs. 196/2003 e GDPR 679/2016 --------
Tutte le informazioni contenute in questo messaggio sono riservate ed a uso
esclusivo del destinatario.
Tutte le informazioni ivi contenute, compresi eventuali allegati, sono da
ritenere confidenziali e riservate secondo i termini
del vigente D.Lgs. 196/2003 in materia di privacy e del Regolamento europeo
679/2016 - GDPR - e quindi ne e' proibita l'utilizzazione ulteriore non
autorizzata.
Nel caso in cui questo messaggio Le fosse pervenuto per errore, La invitiamo ad
eliminarlo senza copiarlo, stamparlo, a non inoltrarlo a terzi e ad avvertirci
non appena possibile.
Grazie.
Confidentiality notice: this email message including any attachment is for the
sole use of the intended recipient and may contain confidential and privileged
information;
pursuant to Legislative Decree 196/2003 and the European General Data Protection
Regulation 679/2016 - GDPR - any unauthorized review, use, disclosure or
distribution
is prohibited. If you are not the intended recepient please delete this message
without copying, printing or forwarding it to others, and alert us as soon as
possible.
Thank you.