Transfer of samba credentials to new installation?

Stefan Recksiegel stefan at
Tue Nov 29 11:05:46 UTC 2016

Hi Andrew,

thank you very much for your helpful answer! What would be the
"cleanest" way to do this, just transfer /etc/samba/smb.conf
and a tarball of the /var/lib/samba directory or should I rather
leave out e.g. winbindd_cache.tdb and have it regenerated?

Best,      Stefan

On 28/11/16 18:53, Andrew Bartlett wrote:
> On Mon, 2016-11-28 at 12:57 +0100, Stefan Recksiegel wrote:
>> Dear all,
>> I have a question that I have not been able to answer by searching
>> the
>> archives:
>> We have a cluster of about 250 computers that used to authenticate
>> against a local LDAP server. I am currently in the process of
>> migrating
>> to our institute's ADS infrastructure. I join each host with
>> "net ADS JOIN" and everything works as expected, so far so good.
>> We have a highly automated installation system (based on Debian
>> pre-seeding) where booting from the network just re-installs the
>> complete system with the latest release. Unfortunately, when using
>> ADS authentification, this means I manually have to log in to each
>> host to perform the join (unless I keep the ADS password in some
>> script, which I do not want to do).
>> Can I somehow transfer the ADS joining data in
>> /var/lib/samba/private/
>> from the old installation to the new installation to avoid having
>> to do a new join after upgrading the system?
> Yes.  As long as you keep the right secrets with the right rebuilt
> host, then that should work fine.  Test well, but I don't expect
> issues.
> Thanks,
> Andrew Bartlett
> --
> Andrew Bartlett             
> Authentication Developer, Samba Team
> Samba Developer, Catalyst IT

More information about the samba-technical mailing list