Displaying 20 results from an estimated 10000 matches similar to: "Cleaning up old DC DNS records"
2017 Sep 06
0
Cleaning up old DC DNS records
On Tue, 2017-09-05 at 18:39 -0400, Patrick Lepore via samba wrote:
> Hi, I demoted a running domain controller by running the samba-tool demote
> command on the running system to be demoted and there's still some DNS
> entries for the old one kicking around. It's still listed under _msdcs and
> also _kerberos._udp and _ldap._tcp.
>
> Should I manually remove them?
2016 Apr 02
1
Demote a working DC fails with uncaught exception
On 01/04/16 22:38, spindles7 wrote:
> Hi Rowland,
> Have tried your patch, and now the Demote succeeds:
>
> root at dc3:~# samba-tool domain demote -Uadministrator
> Using dc1.microlynx.com as partner server for the demotion
> Password for [MICROLYNX\administrator]:
> Deactivating inbound replication
> Asking partner server dc1.microlynx.com to synchronize from us
>
2018 Aug 21
3
Samba 4.8.4 + BIND 9.9.4 - possibility of nonsecure DNS updates
> So you never read this:
> https://wiki.samba.org/index.php/Changing_the_DNS_Back_End_of_a_Samba_AD_DC
> Which means that you probably never ran the aptly named
> 'samba_upgradedns'Of course I ran this. Many times. I'm not stupid, Rowland. At least I can read:D
If I've seen that Bind doesn't work, I had to change backend to internal DNS.I carefully read and made
2018 Jan 15
2
Demote a samba DC and rejoin as member
Hello,
I had tried to demote a samba DC and re-join it as a member over the
weekend, but something went horribly wrong.
Starting point was a samba DC which also acted as a file server. It was
the single DC in that domain.
I first set up a Windows 2008 R2 machine and promoted it to DC within
the same domain. I then changed DNS entries on all machines to point to
the new DC, transferred the FSMO
2018 Feb 07
1
after a couple of year of success is not possible to add workstations to domain
Hi Massimo,
>>>
>>>> Il 05/02/2018 16:41, Rowland Penny ha scritto:
>>>>> On Mon, 5 Feb 2018 16:01:27 +0100
>>>>> "Massimo Donato - Adcom.it via samba" <samba at lists.samba.org> wrote:
>>>>>
>>>>>> */Hi all,
>>>>>> after a couple of year of successfully working samba AD DC
2018 Feb 07
2
after a couple of year of success is not possible to add workstations to domain
*//*
Hi Denis,
Il 06/02/2018 20:05, Denis Cardon via samba ha scritto:
> Hi Massimo,
>
>> Il 05/02/2018 16:41, Rowland Penny ha scritto:
>>> On Mon, 5 Feb 2018 16:01:27 +0100
>>> "Massimo Donato - Adcom.it via samba" <samba at lists.samba.org> wrote:
>>>
>>>> */Hi all,
>>>> after a couple of year of successfully
2015 Dec 10
2
Authentication to Secondary Domain Controller initially fails when PDC is offline
On 10/12/15 14:00, Ole Traupe wrote:
>
>
> Am 10.12.2015 um 14:38 schrieb Rowland penny:
>> On 10/12/15 13:25, Ole Traupe wrote:
>>> Is it possible that kdc server is always the SOA, at least if
>>> derived from DNS and not specified *explicitly* in the krb5.conf?
>>>
>>> In my DNS-Manager console I find that
>>>
>>>
2015 Dec 10
4
Authentication to Secondary Domain Controller initially fails when PDC is offline
On 10/12/15 14:40, Ole Traupe wrote:
>
>>> However, my 2nd DC is not that new, I restarted it many times, just
>>> again (samba service). No DNS records are created anywhere.
>>>
>>> If I go through the DNS console, in each and every container there
>>> is some entry for the 1st DC, but none for the 2nd (except on the
>>> top levels: FQDN
2015 Jul 23
2
4.2.2 as AD with 2 DCs: database incoherency
On 23/07/15 16:23, mathias dufresne wrote:
> Hi all,
>
> I tried "samba-tool ldapcmp" several times to solve this issue, without
> success.
>
> On DC acting as full FSMO:
> dc20:~# samba-tool ldapcmp ldap://dc00.ad.dgfip.lan
> ldap://dc20.ad.dgfip.lan domain
> ERROR(ldb): uncaught exception - ldb_wait: Time limit exceeded (3)
> File
2019 Feb 15
6
Demoted/removed a DC, and the NS records?
Following:
https://wiki.samba.org/index.php/Demoting_a_Samba_AD_DC
i've demoted and removed a DC. Seems all went as expected:
root at vdcud1:~# samba-tool domain demote --server=vdcsv1.ad.fvg.lnf.it -U gaio
Using vdcsv1.ad.fvg.lnf.it as partner server for the demotion
Password for [LNFFVG\gaio]:
Deactivating inbound replication
Asking partner server vdcsv1.ad.fvg.lnf.it to synchronize
2015 Oct 30
2
Demote a dead PDC: residuals in "DNS" console
On 10/29/2015 9:56 AM, Ole Traupe wrote:
>
>
> Am 29.10.2015 um 14:37 schrieb James:
>> On 10/29/2015 9:15 AM, Ole Traupe wrote:
>>>
>>>
>>> Am 29.10.2015 um 13:54 schrieb mathias dufresne:
>>>> Thank you for hint to this VBS script. In fact I alraedy saw it but
>>>> I'm not
>>>> too confident in my VB knowledge, so
2015 Oct 30
2
Demote a dead PDC: residuals in "DNS" console
On 10/30/2015 9:19 AM, Ole Traupe wrote:
>
>
> Am 30.10.2015 um 13:33 schrieb James:
>> On 10/29/2015 9:56 AM, Ole Traupe wrote:
>>>
>>>
>>> Am 29.10.2015 um 14:37 schrieb James:
>>>> On 10/29/2015 9:15 AM, Ole Traupe wrote:
>>>>>
>>>>>
>>>>> Am 29.10.2015 um 13:54 schrieb mathias dufresne:
2015 Oct 29
2
Demote a dead PDC: residuals in "DNS" console
On 10/29/2015 9:15 AM, Ole Traupe wrote:
>
>
> Am 29.10.2015 um 13:54 schrieb mathias dufresne:
>> Thank you for hint to this VBS script. In fact I alraedy saw it but
>> I'm not
>> too confident in my VB knowledge, so I didn't use that script, prefering
>> rely on Samba command and shell scripts to work around issues.
>>
>> You spoke about SOA
2015 Mar 09
2
ad dc demotion fails trying to use non-existent dc as 'partner server for the4 demontion'
I'm trying to demote dc3 from msad dc service.
As the root user, I type this command:
samba-tool domain demote -Uadministrator
which fails with this error:
"Using dc2.infinity.local as partner server for the demotion"
The problem is that dc2 was demoted some weeks ago, and is no longer running samba4.
Is there a way I can force dc3 to use a different dc as the
2015 Oct 29
3
Demote a dead PDC: residuals in "DNS" console
Thank you for hint to this VBS script. In fact I alraedy saw it but I'm not
too confident in my VB knowledge, so I didn't use that script, prefering
rely on Samba command and shell scripts to work around issues.
You spoke about SOA record which wasn't changed, same here. There is
another DNS record I had to change: _ldap._tcp.pdc._msdcs.samba.domain.tld.
I spoke about removing
2015 Oct 29
2
Demote a dead PDC: residuals in "DNS" console
Hi,
I played with demote recently on a test AD domain composed with Samba
version 4.3.0 and 4.3.1. I demoted all version 4.3.0.
I was facing same issue as you. I written long mails here to explain how I
managed that. My DNS looks clear now.
Today I played with AD sites and I found in default sites all demoted DC.
They weren't removed from DNS DB nor here. For now I have no idea how to
get
2015 Oct 30
2
Demote a dead PDC: residuals in "DNS" console
On 10/30/2015 10:11 AM, Ole Traupe wrote:
>
>
> Am 30.10.2015 um 14:56 schrieb James:
>> On 10/30/2015 9:19 AM, Ole Traupe wrote:
>>>
>>>
>>> Am 30.10.2015 um 13:33 schrieb James:
>>>> On 10/29/2015 9:56 AM, Ole Traupe wrote:
>>>>>
>>>>>
>>>>> Am 29.10.2015 um 14:37 schrieb James:
2018 Jan 17
3
User Permissions issue
Hi Denis & Rowland
Thanks for the suggestion to trim the smb.conf after which the DC-1 is
connecting to the Windows Server 2008 shared folder smbclient -k
//IUMSVRAPP01/Pastel12 -d 9
and DC-2 is also connecting after using the DNS name of the Windows server.
*You'd better switch your DNS to Bind-DLZ. Internal DNS is not that good
for larger site (looking at your DNS domain name, I guess
2019 Jul 31
3
GPO issues - getting SYSVOL cleaned up again
On 31/07/2019 12:04, Stefan G. Weichinger via samba wrote:
> Am 31.07.19 um 12:50 schrieb Rowland penny via samba:
>> On 31/07/2019 11:40, Stefan G. Weichinger via samba wrote:
>>> Am 31.07.19 um 12:32 schrieb Rowland penny via samba:
>>>> On 31/07/2019 11:22, Stefan G. Weichinger via samba wrote:
>>>>> "dc" was the old name a few years ago
2019 Jul 31
2
GPO issues - getting SYSVOL cleaned up again
"--seize" helped:
root at pre01svdeb03:~# samba-tool fsmo show
SchemaMasterRole owner: CN=NTDS
Settings,CN=PRE01SVDEB03,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=pilsbacher,DC=at
InfrastructureMasterRole owner: CN=NTDS
Settings,CN=PRE01SVDEB03,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=pilsbacher,DC=at
RidAllocationMasterRole owner: