samba_backup error and restoring old backup files

Andrew Bartlett abartlet at
Sun Feb 16 12:17:48 MST 2014

On Sun, 2014-02-16 at 12:15 +0330, elyad alaei wrote:
> Hi
> Some months ago, we have installed samba 4.0.3 on ubuntu 12.04 LTS as our
> only domain controller and started to join our client computers (about 100
> PCs) and defining our users (about 200).
> After a while, we have upgraded it to 4.0.10 as mentioned in "Upgrading a
> source version" in samba4 howto.
> To backup the samba database, I stop samba service at 2:00 AM every night
> and backup using samba_backup script and re-run samba4 service with the
> help of crontab. 

BTW, the design of the script is to use tdbbackup so as to avoid needing
to stop Samba. 

> It could always create "samba4_private" file but "sysvol"
> and "etc" files were not created in some days! (I didn't pay attention to
> this issue because it backed up both "etc" and "sysvol" each 2 or 3 days or
> sometimes everyday!)

This implies to me that the script did not run to conclusion, because of
an error such as the below:

> Today we saw some malfunctioning and the command:
> #service samba4 stop
> gives the error: <<samba4: unrecognized service>> but the output of command:
> #initctl list | grep "sam*"
> is correct : <<samba4 start/running, process 18966>>
> When I checked backedup files, I saw the latest backup of "sysvol" and
> "etc" is back to 31 DEC 2013! but "samba4_private" are all backed up till
> now.
> To stop samba, I removed samba4.conf from /etc/init and restarted the
> server and then run the samba_backup script! unfortunatly it doesn't create
> "sysvol" and "etc" backup files and writes these errors on the screen:
> root at smb4srv:/home/adminit# /usr/sbin/samba_backup
> Failed to insert into
> ./private/sam.ldb.d/DC=DOMAINDNSZONES,DC=IT,DC=TUB.ldb.bak.tmp
> failed to copy ./private/sam.ldb.d/DC=DOMAINDNSZONES,DC=IT,DC=TUB.ldb
> Error while backuping
> ./private/sam.ldb.d/DC=DOMAINDNSZONES,DC=IT,DC=TUB.ldb

This error comes from tdbbackup, which is our tool for making a safe
copy of a live tdb.

> Please note that, despite we get these errors, the "samba4_private" file is
> created each time I run samba_backup! but I don't know whether it is
> corrupt or not.
> Now my questions are:
> 1.How can I know whether "samba4_private" is corrupt or not.

They need to be assumed to be corrupt. 

> 2.What if I restore (abit old) backup files of 31 DEC 2013?! Can it couse
> any malfunctioning in our existing clients?!

Yes, it will cause a roll-back of all domain data, including machine
account passwords. 

> 3.How can I mix old "sysvol" and "etc" backup files with latest
> "samba4_private" if it is not curropt?!

The main issue would be that any group policy changes would be out of
sync between the files and the Active Directory.  If you did not use
group policy, then this is less of an issue. 

At this point to assist further I need to understand what the state is
of your main database.  Do you still have it?  Does it pass a
'samba-tool dbcheck --cross-ncs'?  Does running the backup script
manually work?


Andrew Bartlett

Andrew Bartlett             
Authentication Developer, Samba Team
Samba Developer, Catalyst IT

More information about the samba-technical mailing list