[Samba] Moving DC1 to a Virtual Machine

Marc Muehlfeld mmuehlfeld at samba.org
Sat Jan 24 10:56:47 MST 2015


Hello Paul,

Am 24.01.2015 um 16:38 schrieb Paul Littlefield:
> What is the correct way to change DC1 to a virtual machine?

One way is to join the new virtual DC to the domain, transfer the FSMO
roles from DC1 to the new one and demote DC1. But then your new DC has a
new name, of course. And we currently have a bug, that not all roles are
transfered, even if samba-tools says 'successful'. And then you can't
demote the old one, until you manually edit the AD database.



The second way, and the one I would go, is
- shutdown Samba on DC1
- copy all databases and SysVol content to the new host,
  into the folders, where your new OS expect them
- disconnect the old machine from the network
- start Samba on the new host
It's very important that the old host is never connected to the network
any more or you will mess up your AD!

I don't know what Samba version Gentoo and Ubuntu are shipping. But I
suggest that the OS on the new host, doesn't have an older version.

If you don't know where the OS of your new host puts the databases,
provision a new domain in a test environment and see, where the
databases are placed.


About the FSMO roles, you usually don't have to worry. Make sure, that
you understand what the five roles are for
(https://wiki.samba.org/index.php/Flexible_Single-Master_Operations_%28FSMO%29_roles#The_five_FSMO_roles).
Some domain features aren't available, if the DC owning a role is
temporary down. But in most situations, this isn't business critical.
Like if the RID master is down, your can e. g. create only new objects
(users, groups, etc), until your second DCs RID pool is empty.



Regards,
Marc


More information about the samba mailing list