samba-tool domain backup and xattrs

Rowland Penny rpenny at samba.org
Mon Apr 9 08:11:26 UTC 2018


On Mon, 09 Apr 2018 10:10:28 +1200
Andrew Bartlett <abartlet at samba.org> wrote:

> On Sun, 2018-04-08 at 13:31 +0100, Rowland Penny via samba-technical
> wrote:
> > On Sun, 08 Apr 2018 20:57:01 +1200
> > Andrew Bartlett <abartlet at samba.org> wrote:
> > 
> > > On Sun, 2018-04-08 at 09:08 +0100, Rowland Penny wrote:
> > > 
> > > > Where can I read Metze's restoration steps ?
> > > 
> > > https://lists.samba.org/archive/samba-technical/2018-March/126506.html
> > > 
> > > Andrew Bartlett
> > 
> > OK, I must have missed that, it also provided me with the answer to
> > where '-r' came from ;-)
> > 
> > firstly, I think the tdbbackup changes need to be proposed as a
> > single patch, if the present tdbbackup isn't safe, it should be
> > made safe.
> 
> It isn't unsafe, it is just inoperative while a transaction lock is
> outstanding.  That -r switch (use read locks) in turn is the most
> practical way to get a lock over all the databases, so the simpliest
> way forward was to add a new mode to tdbbackup.  
> 
> That change is a distinct commit in the patch set, and the version of
> Samba using this change will rely on the version of tdb with that
> option.
> 
> > Now we come to Metze's comments:
> 
> > > The restore command should also do this on the backup databases:
> > > - reset highestCommittedUSN to 1 and invent a new invocationID
> > >   that will be used for further replPropertyMetaData stamps
> 
> (etc)
> 
> > This wouldn't really be a restore, it would nearly be creating a new
> > domain from existing data as 'classicupgrade' does.
> 
> > I have been looking into how windows deals with this situation and
> > found this:
> > 
> > https://technet.microsoft.com/en-us/library/cc535164.aspx?f=255&MSPPError=-2147217396
> > 
> > It talks about two types of recovery without a working DC,
> > 'Non-authoritative' & 'Authoritative'. Metze seems to want something
> > similar to an 'Authoritative' restore, but, at the bottom of the
> > page, there is this note:
> 
> Yes, both the client requesting the feature and Metze have requested
> an authoritative restore. 
> 
> > Because the only case in which you would restore a domain controller
> > from the backup image is when all domain controllers have been lost,
> > authoritative restores should not be needed.
> 
> Yes, that is exactly what our client needs this for: when the domain
> is 'lost' due to replication corruption and needs to be re-built from
> a known good backup.
> 
> I hope this clarifies things,
> 

No, it says to me that because a Catalyst client wants to do an
'Authoritative' restore, everybody must do so, even though this is
totally unnecessary.

If you have a good backup of ANY DC, you just need to restore this to
the DC it came from (same FQDN, IP) and it will work. Yes, you will
have to remove all the other dead DCs and seize the FSMO roles, but it
would work.

Rowland



More information about the samba-technical mailing list