'samba-tool domain demote --remove-other-dead-server' fails to remove an old Windows AD DC: File "bin/python/samba/remove_dc.py", line 445, in remove_dc remove_dns_account=True) File "bin/python/samba/remove_dc.py", line 368, in offline_remove_ntds_dc remove_dns_account=remove_dns_account) File "bin/python/samba/remove_dc.py", line 245, in offline_remove_server samdb.delete(server_dn) LdbError: (66, 'subtree_delete: Unable to delete a non-leaf node (it has 1 children)!') A transaction is still active in ldb context [0x22f4690] on /home/timbeale/code/samba/backup_temp_dir/private/sam.ldb ERROR(ldb): uncaught exception - subtree_delete: Unable to delete a non-leaf node (it has 1 children)! File "bin/python/samba/netcmd/__init__.py", line 177, in _run return self.run(*args, **kwargs) File "bin/python/samba/netcmd/domain_backup.py", line 55, in inner raise e The problem happens trying to delete the old server object, i.e. CN=<WINDOWS-DC>,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,<DOMAIN> The problem is that Windows has an extra 'DNS Settings' child object underneath the server object, whereas samba doesn't. i.e. CN=DNS Settings,CN=<WINDOWS-DC>,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,<DOMAIN> Reported on mailing list here: https://lists.samba.org/archive/samba/2018-June/216572.html Problem also found while testing the backup/restore tool.
Created attachment 14259 [details] Fix for problem
Created attachment 14488 [details] Cherry-pick of patch for v4.8 branch
Closing bug as it's fixed on v4.9 onwards, and v4.8 is now security-fixes-only.