Remove Slave Server from Domain

What is the best way to remove a slave server from domain so then can be possible add it again?
I have deleted the entries from ldap and domain, the reinstall a new slave server but when i try do join the new install i get the following error


  • Join failed! *
  • Contact your system administrator *

  • Message: failed to create DC Slave (1) [E: Object exists: (mac) 00:18:71:76:97:f8]


Any suggestion?


How exactly did you try to remove the computer?
Please review setup.log and join.log in /var/log/univention/ there could be more details in those logs.

Apparently the DHCP Object is still there.
The best way is to delete the computer object from the Devices -> Computers module in UMC.

You can also use udm in the command line, something like:

udm computers/domaincontroller_slave remove --dn=“cn=ucsslave,cn=dc,cn=computers,dc=domain,dc=test”

Please try to check the logs to get more information about your problem and try to completely remove the machine with the udm command, and let us know how it goes.

I have done that, but i find the problem is with RODC variable that i set like the manual says, if we want a slave server as read only.

I have deleted the computer from devices, remove dns entrys and remove the variable samba4/role and then the join works


The command to remove the machine is to be run on the UCS DC Master. The related entries (DNS, DHCP, etc.) are meant to be removed automatically after that.

Is your problem solved now and the server is joined?
Please try to describe a bit more what you are trying to set up (and attach some logs), if you still have some doubts.



Yes now is working.

What i want to do is join a slave server (active directory) in RODC mode, and that i can’t. The join always fail 96univention-samba4 and 98univention-samba4-dns with this erros

Finding a writeable DC for domain 'ccm.local' Found DC ccmdc01.ccm.local workgroup is CCM realm is ccm.local ERROR(ldb): uncaught exception - LDAP error 53 LDAP_UNWILLING_TO_PERFORM - <Failed to find primary group with RID 521!> <> File "/usr/lib/python2.7/dist-packages/samba/netcmd/", line 175, in _run return*args, **kwargs) File "/usr/lib/python2.7/dist-packages/samba/netcmd/", line 626, in run dns_backend=dns_backend, keep_existing=keep_existing) File "/usr/lib/python2.7/dist-packages/samba/", line 1157, in join_RODC ctx.do_join() File "/usr/lib/python2.7/dist-packages/samba/", line 1093, in do_join ctx.join_add_objects() File "/usr/lib/python2.7/dist-packages/samba/", line 543, in join_add_objects ctx.samdb.add(rec) checking sAMAccountName Adding CN=FELDC01,OU=Domain Controllers,DC=ccm,DC=local Join failed - cleaning up checking sAMAccountName Failed to join the domain ccm.local. EXITCODE=1 RUNNING 98univention-samba4-dns.inst 2015-09-15 16:24:48.211158780+01:00 (in joinscript_init) Samba4 backend database not available yet, exiting joinscript 98univention-samba4-dns. EXITCODE=1

I only can do the join with success when i remove the ucr variable samba4/role that i have set prior to univention-samba install, as per