[Samba] How to migrate Active Directory from one Samba4 server to another

X-Dimension at gmx.net X-Dimension at gmx.net
Mon Aug 13 11:56:27 MDT 2012


-------- Original-Nachricht --------
> Datum: Mon, 13 Aug 2012 17:47:35 +1000
> Von: Andrew Bartlett <abartlet at samba.org>
> An: X-Dimension at gmx.net
> CC: samba at lists.samba.org
> Betreff: Re: [Samba] How to migrate Active Directory from one Samba4 server to another

> On Sat, 2012-08-11 at 22:03 +0200, X-Dimension at gmx.net wrote:
> > Hello!
> > 
> > We are using a Samba4.0.0alpha19 (Resara 1.1.2) based domain controller
> in a small production environment and because the Resara development has
> ended we want to switch to a plain Samba4 beta based Ubuntu 12.04/Zentyal
> Server.
> > I have installed and configured the new server with the same domain-name
> and the same hostname like the old server. 
> > How can i export the Active Directory from the old server and import it
> to the new Samba4 server? 
> 
> Something like this (unstested):
> 
> Use a different hostname, then run 'samba-tool domain join' to join it
> to the first domain.  Then you can use the
> source4/scripting/bin/renamedc script to rename it back to the name of
> the first DC, after running 'samba-tool domain demote' on it. 
> 
> You may need to seize FSMO roles from one DC to the other with
> 'samba-tool domain fsmo'.
> 
> > Do i need to rejoin the clients to the domain, after this?
> 
> No.
> 
> Additional complications may include DNS configuration.  You may need to
> use --dns-backend=none on the join command. 
> 
> This is just a series of hints to get you started.  Hopefully you can
> work it out from here. 
> 
> Andrew Bartlett
> 
> -- 
> Andrew Bartlett                                http://samba.org/~abartlet/
> Authentication Developer, Samba Team           http://samba.org
> 
> 
Thank you Andrew, this was very helpful!
Joining the new Samba4 Server to the old one replicates the Active Directory without a problem! After shutting down the old server, renaming the new server and restore smb.conf and krb5.conf i can access the new server with RSAT now. :-)

What does not work is the dns-backend! :-(
After the AD replication the DNS snap-in from RSAT does not work anymore.
The join option "--dns-backend=none" is not available here (Samba4.0.0beta2 Zentyal package) 
Is there another way to get DNS working after the replication from the old server? 

I have also another question: What does the "renamedc" script do? 
When i start it, it always tells me that there are opened transactions and so it can't run.
Because of this i simple change the hostname in /etc/hostname/ and /etc/hosts and run hostname -F /etc/hostname. After a restart all looks good so far. (but i haven't tested it very much)

THX


More information about the samba mailing list