Demoting an offline DC

classic Classic list List threaded Threaded
3 messages Options
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Demoting an offline DC

Samba - General mailing list
Hi,

I have an offline DC that i want to demote and i read here
https://wiki.samba.org/index.php/Demoting_a_Samba_AD_DC#Demoting_an_Offline_Domain_Controller
that my samba version has to be at least 4.4, but all my DCs have samba
4.3.11. Is it enough if just one of the DCs has samba 4.4+ or does all my
DCs need at least samba 4.4 for demoting an offline DC?

Also, is there a way of demoting on offline DC with samba older than 4.4?
Maybe if i create a DC with the same name as the one i want to remove, join
the domain and then do a proper demoting?
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Demoting an offline DC

Samba - General mailing list
On 2017-07-12 14:07, Mitocariu Emilian via samba wrote:
> Hi,
>
> I have an offline DC that i want to demote and i read here
> https://wiki.samba.org/index.php/Demoting_a_Samba_AD_DC#Demoting_an_Offline_Domain_Controller
> that my samba version has to be at least 4.4, but all my DCs have samba
> 4.3.11. Is it enough if just one of the DCs has samba 4.4+ or does all my
> DCs need at least samba 4.4 for demoting an offline DC?

Update all DCs, then do offline demoting. Everything else will lead to
AD replication breaking in fun and exciting ways.

> Also, is there a way of demoting on offline DC with samba older than 4.4?
> Maybe if i create a DC with the same name as the one i want to remove, join
> the domain and then do a proper demoting?

That breaks AD even harder, don't even try it.

--
Mit freundlichen Grüßen, / Best Regards,
Sven Schwedas, Systemadministrator
Mail/XMPP [hidden email] | Skype sven.schwedas
TAO Digital | Lendplatz 45 | A8020 Graz
https://www.tao-digital.at | Tel +43 680 301 7167

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Demoting an offline DC

Samba - General mailing list
In reply to this post by Samba - General mailing list
On Wed, 2017-07-12 at 15:07 +0300, Mitocariu Emilian via samba wrote:

> Hi,
>
> I have an offline DC that i want to demote and i read here
> https://wiki.samba.org/index.php/Demoting_a_Samba_AD_DC#Demoting_an_Offline_Domain_Controller
> that my samba version has to be at least 4.4, but all my DCs have samba
> 4.3.11. Is it enough if just one of the DCs has samba 4.4+ or does all my
> DCs need at least samba 4.4 for demoting an offline DC?
>
> Also, is there a way of demoting on offline DC with samba older than 4.4?
> Maybe if i create a DC with the same name as the one i want to remove, join
> the domain and then do a proper demoting?

All the --remove-other-dead-server logic is in the samba-tool command,
so just run that command from a modern Samba, pointing at a live DC
with -H ldap://gooddc.example.com

Remember to authenticate, eg with -U.

I hope this helps,

Andrew Bartlett

--
Andrew Bartlett                       http://samba.org/~abartlet/
Authentication Developer, Samba Team  http://samba.org
Samba Developer, Catalyst IT          http://catalyst.net.nz/services/samba


--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba
Loading...