samba_backup error and restoring old backup files

elyad alaei elysmb4 at
Mon Feb 17 02:24:06 MST 2014

Dear Andrew, I'll give more details to your comments below:

On Sun, Feb 16, 2014 at 10:47 PM, Andrew Bartlett <abartlet at>wrote:

> On Sun, 2014-02-16 at 12:15 +0330, elyad alaei wrote:
> > To backup the samba database, I stop samba service at 2:00 AM every night
> > and backup using samba_backup script and re-run samba4 service with the
> > help of crontab.
> BTW, the design of the script is to use tdbbackup so as to avoid needing
> to stop Samba.

So is it safe to take backup online? as much as I remember, it often failed
to create "sysvol" and "etc" when I didn't stop samba before running

> This implies to me that the script did not run to conclusion, because of
> an error such as the below:

But these errors appear after 31 DEC! Before that date, we didn't get such
errors, the only problem was: sometimes it didn't create "sysvol" and "etc"
we run samba_backup (either manually or using crontab).

> > Today we saw some malfunctioning and the command:
> > #service samba4 stop
> > gives the error: <<samba4: unrecognized service>> but the output of
> command:
> > #initctl list | grep "sam*"
> > is correct : <<samba4 start/running, process 18966>>
> >
> > When I checked backedup files, I saw the latest backup of "sysvol" and
> > "etc" is back to 31 DEC 2013! but "samba4_private" are all backed up till
> > now.
> > To stop samba, I removed samba4.conf from /etc/init and restarted the
> > server and then run the samba_backup script! unfortunatly it doesn't
> create
> > "sysvol" and "etc" backup files and writes these errors on the screen:
> >
> > root at smb4srv:/home/adminit# /usr/sbin/samba_backup
> >
> > Failed to insert into
> > ./private/sam.ldb.d/DC=DOMAINDNSZONES,DC=IT,DC=TUB.ldb.bak.tmp
> >
> > failed to copy ./private/sam.ldb.d/DC=DOMAINDNSZONES,DC=IT,DC=TUB.ldb
> >
> > Error while backuping
> > ./private/sam.ldb.d/DC=DOMAINDNSZONES,DC=IT,DC=TUB.ldb
> This error comes from tdbbackup, which is our tool for making a safe
> copy of a live tdb.
> > Please note that, despite we get these errors, the "samba4_private" file
> is
> > created each time I run samba_backup! but I don't know whether it is
> > corrupt or not.
> > Now my questions are:
> > 1.How can I know whether "samba4_private" is corrupt or not.
> They need to be assumed to be corrupt.

Isn't there any way to check their (the  "samba4_private" file's)

> > 2.What if I restore (abit old) backup files of 31 DEC 2013?! Can it couse
> > any malfunctioning in our existing clients?!
> Yes, it will cause a roll-back of all domain data, including machine
> account passwords.

> > 3.How can I mix old "sysvol" and "etc" backup files with latest
> > "samba4_private" if it is not curropt?!
> The main issue would be that any group policy changes would be out of
> sync between the files and the Active Directory.  If you did not use
> group policy, then this is less of an issue.
> We have not changed any GP settings since then, so it would not be the
issue, but our users may have been changed their passwords so we would like
to use the latest backups, if possible.

> At this point to assist further I need to understand what the state is
> of your main database.  Do you still have it?  Does it pass a
> 'samba-tool dbcheck --cross-ncs'?  Does running the backup script
> manually work?

Our domain still is under production and the output of 'samba-tool dbcheck
--cross-ncs' is:
Checking 5156 objects
Checked 5156 objects (0 errors)

I couldn't understand what do you mean by "Does running the backup script
manually work"? If you mean, running samba_backup from shell, then yes, the
errors I mentioned, are given when I run it via shell after stopping samba4

Elyad Alaei

More information about the samba-technical mailing list