[Samba] LDB Tools best practices
Perttu Aaltonen
perttu.aaltonen at mac.com
Fri Oct 27 08:32:02 UTC 2023
> On 26. Oct 2023, at 17.49, Rowland Penny via samba <samba at lists.samba.org> wrote:
>
> On Thu, 26 Oct 2023 17:02:34 +0300
> Perttu Aaltonen via samba <samba at lists.samba.org> wrote:
>
>> Quick question. Can the LDB tools that modify the database files
>> directly be used without stopping Samba DC? Specifically ldbmodify?
>
> No problem, also you can use the machine password '-P' for most searches
>
>>
>> What about when there are more than one DC? Anything to take into
>> account or best practices?
>
> The better question would be, 'What if there are multiple sysadmins ?',
> you should always have more than one DC.
>
> With multiple sysadmins, you could get 'collisions', especially if they
> try to change the same object on different DCs, so best practice would
> be to always do any changes on one DC (Usually the one holding the
> PDC_Emulator FSMO role).
>
> Rowland
>
Thanks Rowland. Now to write a ldbmodify script...
-Perttu
More information about the samba
mailing list