[Samba] FW: Manual replication of PDC

Wells Bacon wells at wbacon.com
Sat Sep 13 17:35:45 GMT 2008 

I've been trying to move a samba PDC (Samba 3.02 on SUSE Linux 10) to
a new machine.

Since this is a small network (less than 15 workstations and a
comparable number of users) I'm using the tdbsam backend, and
therefore can't (I believe) set up a self-replicating BDC. So the
purpose of this effort is to develop a backup plan that I know will
work when the server goes down and I can't immediately figure out what
the problem is. I'd like to have on hand a backup of the files
necessary to set up a new server on a different machine to get back in
business.

As far as I can tell, this should work by setting up a seperate linux
machine with the samba server installed & running, configuring the
network connection using the same hostname, and then importing a
certain set of files from the original server.

The files I've copied over are:
/etc/passwd
/etc/group
/etc/shadow
/etc/security/fileshare.conf
all of /etc/samba/*
all of /var/lib/samba/* including subdirectories /profiles, /
netlogon, /drivers, and /printers.

In order to keep the same permissions and ownership info, I've
transferred these files using tar -cpf ...

I'm close to having this work just right, but not close enough.

When I switch a client from the original server to the backup server,
and try to log on, I get an error telling me either that my account
has expired, or that my account expires today and I must change my
password. Using pdbedit -Lv on the new server I find that the Password
must change date is 1969. But using pdbedit to change the date to some
time in the future doesn't fix the problem. If I remove and replace
the account using smbpasswd -x and then -a, I can then log on without
the error.

But it's cumbersome and time-consuming to manually remove and replace
all of the accounts, and more importantly, it's not answering the
question of what's causing the problem.

I assume there are more files that need to be brought over, but I
don't know what they are.

Thanks for any assistance.

Here's the smb.conf:

# smb.conf is the main Samba configuration file. You find a full
commented
# version at /usr/share/doc/packages/samba/examples/smb.conf.SUSE if
the
# samba-doc package is installed.
# Date: 2005-09-13
[global]
	add machine script = /usr/sbin/useradd  -c Machine -d /var/lib/nobody
-s /bin/false %m$
	admin users = @root
	browseable = no
	domain logons = yes
	domain master = yes
	encrypt passwords = yes
	guest ok = no
	local master = yes
	logon drive = c:
	logon path = \\%L\Profiles\%U
	logon script = localnet.cmd
	netbios name = ELMO
	nt acl support = yes
	os level = 65
	passdb backend = tdbsam
	passwd program = /usr/bin/passwd %u
	passwd chat = *new*password* %n\n *new*password* %n\n *changed*
	security = user
	server string = Samba %v on (%L)
	smb passwd file = /etc/samba/smbpasswd
	unix password sync = yes
	username map = /etc/samba/smbusers
	wins support = yes
	workgroup = BDCO

[homes]
	comment = Home Directories
	valid users = %S
	browseable = no
	read only = No
	inherit acls = Yes

[netlogon]
	path = /var/lib/samba/netlogon
	write list = @root

[profiles]
	path = /var/lib/samba/profiles
	read only = no
	create mask = 0777
	directory mask = 0777

More information about the samba mailing list