Thank you for the response. Yes Backup but I need to take my own advice in that an untested backup is not a backup.
I had the PDC virtualize on a ZFS volume and my snapshots are corrupt, and so are my offsite replications.
This is very alarming with ZFS and something I'm looking into. The system my SDC is on a different machine and doesn't have this issue.
Sorry if I was unclear about what caused the main issue but it wasn't the set expiry command, it was the "samba_upgradedns --dns-backend=local" then setting it back to BIND9_DLZ. I might of been able to save it if I ran "samba-tool domain exportkeytab dns.keytab --principal=dns-$(hostname)" first, but there were many other issues.
Regarding the dns.keytab fix - Worked like a charm. Thank you. "samba-tool domain exportkeytab dns.keytab --principal=dns-$(hostname)"
Domain Controller fix:
1. Show the list of who owns the rolls by using:
samba-tool fsmo show
2. Seize all the FSMO roles to the SDC by running this command on the SDC:
samba-tool fsmo seize --role=all
3. Demote the broken domain controller -
https://wiki.samba.org/index.php/Demoting_a_Samba_AD_DC4. Don't change anything in the Zentyal WebAdminconsole Domain Panel
5. Create a new SDC and join it to the domain.
Questions:
1. Is there a way to get the WebAdminconsole Domain Panel updated on the now PDC?
I will be backing up the SDC as is (via the Zentyal WebAdminconsole and a tested snapshot of the system) and will try this out over the weekend.
Will post the outcome.
Thank you, I've gone from panic to hope.