Hi Giedrius,
i've got initial setup on DC1 (4.0.1)... all working good and flawless Added additional geographically distributed controllers (DC2, DC3, DC4,DC5) with 4.0.5 - no problem. All PC's can connect to their own site/DCTransferred all FSMO's to DC2 - transferred successfully (with seize "error" bug) DC1 crashed badly.... during maintenance, SAMBA was updated to 4.0.5, data restored from backup. Now, the problem is: 1) DC1 sees itself as owner of all FSMO's, although DC[2,3,4,5] sees DC2 as owner of FSMO's 3) DC1 is missing some users (created between backup and crash), wbinfo for these users return E_DOMAIN_NOT_FOUND 4) Got "decrypt integrity check failed" errors, fixed with chtdcpass, witch not results to "Failed to find HOST$#DOMAIN(kvno)" (client reboot seems to fix this) 4) any attempt to replicate missing information from DC2/DC3 to DC1 (samba-tool drs replicate) results in errors after it (cannot find own NTDS) 5) impossible to demote / unjoin server and provision from scratch - some DRS errors Question is: how can i change FSMO owner (ldbedit ?) on DC1 to be DC2 and then: a) replicate missing users (and computer trust accounts) to DC1 b) force removing DC1 from domain for good ( reinstall from scratch ) Domain as a whole recreation from scratch is sadly *not* an option :(
On https://wiki.samba.org/index.php/Backup_and_Recovery#General it is clearly stated that you shouldn't restore a DC from backup in a multi DC environment.
Others DC have evolved since you backed up your data, and you cannot have synchronisation with the other DCs. It is not a Samba problem, but it is by design because the multi master replication between DCs.
You should just re-install samba4 4.0.5 on your DC1 server, and then join it to the domain as a DC, it will synchronise and all will be back to normal.
Cheers, Denis
-- Denis Cardon Tranquil IT Systems Les Espaces Jules Verne, bâtiment A 12 avenue Jules Verne 44230 Saint Sébastien sur Loire tel : +33 (0) 2.40.97.57.55 http://www.tranquil-it-systems.fr -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
