Samba 4 server role, time sync, upgrade from alpha5 to alpha 7
Matthieu Patou
mat at matws.net
Wed Mar 11 20:50:03 GMT 2009
>> The technique used by my other production site was to:
>>
>> backup all of the existing data
>>
>> reprovision (over the top of the existing installation), but add the
>> option --partitions-only to the provision script
>>
>> copy back the secrets.ldb from the backup
> You'll need also to backup idmap.ldb it seems to be overwritten
> (hkcu.ldb as well ..).
> I would also recommend to test everything because my latests tests
> with samba alpha7 showed some regression like: not able to
> administrate the domain with a user in domain admin group using "AD
> user and computers" tool.
>
After more research I discovered that with samba4 you must be in the
Group Administrators (CN=Administrators,CN=Builtin,DC=....) to be able
to use ADCU, by default the administrator account is in this group but
simply admin an account in Domain Admins don't make the job with samba
(but it's ok with w2k and +).
Matthieu.
More information about the samba-technical
mailing list