[Samba] Secondary domain controller and promotion

Brian Candler b.candler at pobox.com
Tue Jun 17 02:49:42 MDT 2014

I see the instructions about setting up a secondary domain controller at 
https://wiki.samba.org/index.php/Join_a_domain_as_a_DC but I am unclear 
on several points. I'm familiar with Kerberos/LDAP/DNS but not Windows 

(1) This document talks about adding Samba as a slave to "an existing 
Active Directory domain" (presumably running Windows).

Is it the same to process to add a second Samba machine to an existing 
Samba 4 domain?

(2) Is there any sort of 'master-slave' relationship between the 
original DC and the one you added later? Or is it a full multi-master 
setup? (except for Sysvol replication that is)

If the original is 'master' then how would you go about promoting the 
second one in the event the first one fails?

(3) If the original server needs to be removed permanently, how do you 
"unjoin" it from the domain, e.g. so that the new master doesn't attempt 
to replicate to it any more

(4) Is it possible to migrate a Windows 2003 domain to Samba 4 by:
- adding Samba 4 to the existing Windows domain
- making it the master
- copying sysvol
- retiring the Windows server?



More information about the samba mailing list