[Samba] DM 3.6.25 -> 4.x
Stefan G. Weichinger
lists at xunil.at
Wed May 30 07:48:04 UTC 2018
Am 2018-05-30 um 09:21 schrieb L.P.H. van Belle:
> Hai Stefan,
>
> Yes, its always better to ask the list, that way everybody can learn from it. ;-)
>
>> Do you think I will have to rejoin it to the domain?
> No i dont think so.
Good, I don't have the ADS-Admin-password (yet) ;-)
I could ask them but for now it's better to not have to.
> Please note, o dont know anything about gentoo except that they have a good wiki/info pages.
> If this was debian, then in this case, what i would extra do here, run :
> samba -b and backup all folders of samba and any thing samba related.
> Export the installed packages list.
>
> Now if you install a new gentoo, import the packages list, and you need the same hostname and ip and the samba backup.
> The files : hosts resolv.conf nsswitch.conf, this is also a bit depending on the use and setup, but review these.
>
> ! Install a the new server, and only pull the packages from the server dont install yet. !
> On debian thats apt-get install packages -d ( download only )
>
> Place the backups on this server and now pull the network connection.
> Install all needed packages, stop samba, put the backup back, start samba.
>
> Reboot the server, "still network detached", review logs and clean up logs, powerdown.
> Power off the old server, so nothing is changed there, change the network cable to the new server, and power up new server.
> If the old server is only used for and with samba, above setups will give a clean installed server with an old samba upgraded.
>
> If moveing to a new isnt an option the make sure you do make a full system backup.
> Clone the harddisk to an other hdd, fasted with minimal chance on error when you restore.
> And this is an fast way to backup, i just attach a bit sata disk and clone the disk.
This will happen in place, no new hardware.
We have backups on tapes everyday, that is part of my job as well.
> The config below is really outdated yes. This is what i would start with.
>
> [global]
> netbios name = U1SECRETCUSTOMER
> netbios aliases = samba
> server string = U1SECRETCUSTOMER
>
> security = ads
> workgroup = SECRETCUSTOMER
> realm = SECRETCUSTOMER.INTRA
>
> domain master = no
> local master = no
> preferred master = no
>
> interfaces = 192.168.100.4/24
> bind interfaces only = Yes
>
> idmap config * : backend = tdb
> idmap config * : range = 2000-9999
> idmap config SECRETCUSTOMER : backend = rid
> idmap config SECRETCUSTOMER : range = 10000-20000
>
> # depending on the samba version. You might need these.
> #idmap config SECRETCUSTOMER : unix_nss_info = yes
> #idmap config SECRETCUSTOMER : unix_primary_group = yes
>
> winbind use default domain = yes
>
> winbind nss info = template
> template homedir = /mnt/MSA2040/smb/Homes/%D/%U
> template shell = /bin/false
>
> vfs objects = acl_xattr
> map acl inherit = Yes
> store dos attributes = Yes
>
> unix extensions = no
> follow symlinks= yes
> wide links= yes
> unix charset = iso8859-15
> force unknown acl user = Yes
>
> load printers = no
> printcap name = /dev/null
> disable spoolss = yes
>
> # Audit settings
> vfs objects = full_audit
> full_audit:prefix = %u|%I|%S
> full_audit:failure = connect
> full_audit:success = mkdir rmdir write pwrite rename unlink chmod fchmod chown fchown ftruncate
> full_audit:facility = local5
> full_audit:priority = notice
Yes, thanks.
The idmap stuff scares me the most ;-)
I will see when to start that, I have to keep the downtime at minimum etc
Would it make sense to do some intermediate step to a lower 4.x version
or go straight from 3.6.25 to 4.8.2 ?
Thanks, Stefan
More information about the samba
mailing list