[PATCH] Add a new tool, 'samba-tool domain clone'
Stefan Metzmacher
metze at samba.org
Tue Aug 18 07:36:01 UTC 2015
Hi Andrew,
>> Am 17.08.2015 um 05:56 schrieb Andrew Bartlett:
>>> This patch adds and tests 'samba-tool domain clone' a way to clone
>>> an
>>> AD domain without adding Samba as a DC. This allows us to confirm
>>> we
>>> can migrate to Samba without harming the source domain.
>>
>> As that seems to be more like a developer tool,
>> which can be very dangerous for a random admin to try,
>> I don't want this to be part of "samba-tool domain".
>
> Why is it dangerous?
Because if you accidently start it bad things happen,
machine accounts may change their password here or there.
>> I'd prefer a standalone script under source4/scripting/devel/.
>>
>> Also from reading the patch it's not completely clear what
>> part of the migration should be tested? Just the replication?
If you just want to test the replication you can use net rpc vampire keytab,
but I guess it's not just replication you want to test...
>> What is the desired result of this having an exact copy of the
>> other DC? Including the same name, ntds guid and it's original
>> invocationID?
But the ipaddress will be different?
What is the desired action an admin would like to do with the result of
this operation?
metze
metze
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: OpenPGP digital signature
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20150818/9b1951d0/signature.sig>
More information about the samba-technical
mailing list