[Samba] transfer fsmo role using ldap

John Gardeniers jgardeniers at objectmastery.com
Mon Oct 5 22:10:59 UTC 2015


Hi Mathias,

Thanks for that information. Not knowing it could easily confuse people 
and make us think the transfer was not successful.

regards,
John


On 05/10/15 18:52, mathias dufresne wrote:
> Note once role transfer is not really instantaneous. Not even on the host
> seizing the role. Once the samba-tool fsmo seize command is successful DCs
> need times to perform that transfer.
>
> 2015-10-02 21:26 GMT+02:00 Rowland Penny <rowlandpenny241155 at gmail.com>:
>
>> On 02/10/15 20:09, Yosel Lazaro Vera Gonzalez wrote:
>>
>>> ----- Mensaje original -----
>>> De: "Rowland Penny" <rowlandpenny241155 at gmail.com>
>>> Para: samba at lists.samba.org
>>> Enviados: Viernes, 2 de Octubre 2015 3:54:04
>>> Asunto: Re: [Samba] transfer fsmo role  using ldap
>>>
>>> On 02/10/15 04:27, Yosel Lazaro Vera Gonzalez wrote:
>>>
>>>> !!!Regards
>>>>
>>>> Is it possible to transfer the FSMO roles using ldap?
>>>> For example I get the schema container object using ldap, then I modify
>>>> the attribute fSMORoleOwner
>>>>     I change the following value "CN=NTDS
>>>> Settings,CN=SERVER1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=example,DC=com"
>>>> by "CN=NTDS
>>>> Settings,CN=SERVER2,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=example,DC=com"
>>>>
>>>>     Is this operation enough to transfer the schema master role to
>>>> server2?
>>>>
>>>> Why do you want to use ldap?
>>> is there something wrong with using 'samba-tool fsmo transfer'
>>>
>>> Rowland
>>>
>>>
>>> !!!Regards
>>> There is no problem with samba-tool fsmo transfer
>>> I'm developing a mini app with a simple UI to transfer roles and I'm
>>> using ldap.
>>>
>>>
>> It is a bit more involved that what you think, have a look at the code in
>> fsmo.py (part of samba-tool), it might be easier to get your UI to run
>> samba-tool instead of ldap. You should also think about 'what if the role
>> will not transfer?' it really gets involved when it comes to seizing roles,
>> also you have to transfer the two dns roles differently from the other 5
>> roles.
>>
>>
>> Rowland
>>
>> --
>> To unsubscribe from this list go to the following URL and read the
>> instructions:  https://lists.samba.org/mailman/options/samba
>>




More information about the samba mailing list