[Samba] Demote a samba DC and rejoin as member

Andreas Heinlein aheinlein at gmx.com
Mon Jan 15 10:55:08 UTC 2018

Am 15.01.2018 um 11:35 schrieb Denis Cardon via samba:
> Yes, when switching, it is much safer to clean up your /var/lib/samba.
> Be sure to recreate the /var/lib/samba/private folder after cleanup,
> that folder is not recreated automatically most of the time.
> There is nothing very complicated in what you wanted to do. Just be
> sure to double check the replication before demoting, be sure to
> demote to remove all the old DNS entries pointing to your old server,
> check your DNS config on servers and desktops.
> I do that regularly, kind of business as usual, but the other way
> around, from MS-AD to Samba AD... By the way Samba-AD is much more
> easy to maintain if you are familiar with AD and at easy with command
> line / scripting. Unless you have a business/corporate requirement
> expressly needing a MS-AD, I'd say it would be better to stick with
> Samba-AD. 

thanks for your help.

For the reasons to do that: until now, I had the impression it was the
other way round, MS-AD looked easier to maintain, at least as long as
everything works... Part of the problem may be that I am bound to use
the samba packages shipped with Debian stable, which is 4.5.12 at the
moment. I already encountered several points which were already fixed in
newer versions, but I would have to wait for Debian 10 to get these.
But I am more familiar with Linux and the command line, so I am
considering your words and staying with samba. What is absolutely
required is to have domain members running Windows 10 and Server 2016,
and I am unsure whether this works with this rather old version of samba.


More information about the samba mailing list