[Samba 4] FSMO roles change research
nadezhda.ivanova at postpath.com
Sat Jan 16 17:30:51 MST 2010
----- Original Message -----
> From: tridge at samba.org <tridge at samba.org>
> To: Nadezhda Ivanova <nadezhda.ivanova at postpath.com>
> Cc: samba-technical at samba.org <samba-technical at samba.org>
> Sent: Sunday, January 17, 2010 2:22:51 AM GMT+0200 Europe;Athens
> Subject: Re: [Samba 4] FSMO roles change research
> > Hi Nadya,
> > I have done some research on how FSMO Roles changes works in AD in
> > order to implement commands that invoke role change, as a means for
> > testing Samba 4
> > Python tool to perform these operations to be done shortly.
> great, thank you!
> I think we should also have commands something like "net domain role
> list" to show which DC has each role.
Yeah, I tought about that.
My intended syntax was
net fsmo rolename [--seize|--transfer]
net fsmo --show
as domain role may be interpreted as domainNamingMaster role, gets a bit confusing.
> We also need to be pretty careful about access control for these
> operations :-)
Well, we need to implement the extension of GetNCChanges that transfers the roles between servers, my guess is checs on access control rights happen there, but I havent read the docs in detail about that yet.
> Cheers, Tridge
More information about the samba-technical