[Samba] Migrating to replacement PDC

John H Terpstra - Samba Team jht at samba.org
Wed Aug 19 21:10:31 MDT 2009


On 08/19/2009 09:41 PM, Brian H wrote:
> 
> I've been reading the SAMBA documentation at:
> http://us3.samba.org/samba/docs/man/Samba-Guide/upgrades.html#id2600749
> 
> But I just need some confirmation since this is our primary server, and
> I'm not fully confident about what I read.
> 
> SITUATION:
> We currently have a Samba server running as our Primary Domain
> Controller which is authenticating against a local LDAP database.  The
> hardware is failing so we need to build a replacement box.  Machine
> hostnames are based off of asset tags, so the hostnames will be
> different between the two servers.
> 
> The intention is to build the NEW server with a unique hostname and temp
> IP address, and the same smb.conf.  Then at the point of migration,
> change the IP address of the NEW server to that of the OLD server, start
> up SAMBA, and then let it take over as the PDC.
> 
> QUESTIONS:
> And from what I understand, as long as I make sure the NEW server has
> the same NETBIOS name in the /etc/samba/smb.conf file, then it should
> pull the "domain SID" from LDAP the first time it is started.

Not at all. You need to configure the new server as a BDC.  Then BEFORE
joining it to the domain, import the domain SID as follows:

	net rpc getsid

Now join the domain:

	net rpc join

Then you can shut down both servers when you are ready, convert the BDC
to the PDC, convert the old PDC to a BDC, restart both servers, or just
the PDC and you will be in business.

PS: The PDC has:
	domain logons = Yes
	domain master = Yes

The BDC has:
	domain logons = Yes
	domain master = No

> Does this mean I don't need to import the "secrets.tdb" or manually set
> the SID with "net setlocalsid S-1-5-21-22-2394995923-3994118334", or
> change the hostname to that of the OLD server?

No. No need to do this.

Cheers,
John T.

> MISC FACTS:
> OLD Server
>     Hostname: asset01
>     DNS Name(s): asset01 PDC LDAP
>     NETBIOS: PDC
>     IP: 172.16.1.1
>     Services: SAMBA, LDAP
>     
> NEW Server (future values are in < > )
>     Hostname: asset02
>     DNS Name(s): asset02 <asset02 PDC LDAP>
>     NETBIOS: <PDC>
>     IP: 172.16.1.2 <172.16.1.1>
>     Services: SAMBA, LDAP
> 
> ----
> Brian H
> binarynomad at gmail.com
> http://www.binarynomad.com
> 
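
A check that can be run on the two smb.conf files before `net rpc getsid` and `net rpc join`, as an added example that is not part of the original message or of Samba: it confirms the old server carries the PDC settings and the new one the BDC settings quoted in the reply. The sample configs and the workgroup name EXAMPLE are constructed, the function names are hypothetical, and reporting a missing `domain master` instead of guessing a default is a choice of this example.

```python
import re

TRUE, FALSE = {"yes", "true", "on", "1"}, {"no", "false", "off", "0"}

# Constructed sample [global] sections; the workgroup name EXAMPLE is an assumption.
OLD_CONF = """[global]
workgroup = EXAMPLE
domain logons = Yes
domain master = Yes
"""
NEW_CONF = """[global]
workgroup = EXAMPLE
Domain Logons = yes
domain master = No
"""

def parse_global(text):  # returns {normalized name: value} for [global] only
    params, section = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;":      # blank line or comment
            continue
        header = re.fullmatch(r"\[(.+)\]", line)
        if header:
            section = header.group(1).strip().lower()
        elif section == "global" and "=" in line:
            key, value = line.split("=", 1)
            # smb.conf ignores case and spaces inside parameter names
            params[re.sub(r"\s+", "", key).lower()] = value.strip()
    return params

def role(params):  # classify a server by the two settings quoted in the reply
    def as_bool(name):
        value = params.get(name, "").lower()
        return True if value in TRUE else False if value in FALSE else None
    if not as_bool("domainlogons"):
        return "not-a-dc"
    master = as_bool("domainmaster")
    if master is None:                       # missing or non-boolean: report, do not guess
        return "domain-master-unset"
    return "PDC" if master else "BDC"

def preflight(old_conf, new_conf):  # empty list means the pair is ready for the join
    old, new = parse_global(old_conf), parse_global(new_conf)
    problems = []
    if (role(old), role(new)) != ("PDC", "BDC"):
        problems.append(f"roles: old={role(old)} new={role(new)}, want old=PDC new=BDC")
    if old.get("workgroup", "").lower() != new.get("workgroup", "").lower():
        problems.append("workgroup differs between the two servers")
    return problems
```

Swapping the arguments after the role conversion described in the reply checks the reverse arrangement, so that only one server has `domain master = Yes` when both are restarted.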