[Samba] Replace AD DC FS with 2 new servers

Rowland Penny rpenny at samba.org
Mon Nov 26 13:06:09 UTC 2018

On Mon, 26 Nov 2018 13:13:11 +0100
Mark Amundsen via samba <samba at lists.samba.org> wrote:

> I inherited an old Samba 4 server that acts as both AD DC and
> fileserver. Hardware is old, needs to be replaced.
> Plan is to add a second AD DC and join a new fileserver as a domain
> member, rsync all files from the old file server to the new and map
> clients to the new one and finally demote the old AD DC.
> The old AD DC has this line in smb.conf:
> idmap_ldb:use rfc2307 = yes
> Because of that my understanding is that I should join the second DC
> with: --option='idmap_ldb:use rfc2307 = yes'


> Does this also mean that the member server that will act as a file
> server should have idmap config = ad?

Only if you have manually added uidNumber & gidNumber attributes to AD.

> The documentation is not clear to me, in the wiki for setting up a
> domain controller it is recommended to use rfc2307 but in the wiki on
> how to set that up it is recommended to _not_ use rfc2307 in a DC.

No, I think you mean that you should provision with 'use-rfc2307' but it
is not recommended to use a DC as a fileserver.
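
A way to check the condition in the reply above before choosing the 'ad' idmap backend on the member server, as an added example that is not part of the original thread: it reads LDIF text such as an ldbsearch or ldapsearch export and lists the users and groups that lack uidNumber/gidNumber or carry an ID outside the range winbind would be given. The sample entries, the samdom.example.com names and the 10000-999999 range are constructed assumptions.

```python
import base64

# Constructed sample LDIF (not from the thread); names and IDs are assumptions.
SAMPLE_LDIF = """\
dn: CN=alice,CN=Users,DC=samdom,DC=example,DC=com
objectClass: user
sAMAccountName: alice
uidNumber: 10001

dn: CN=bob,CN=Users,DC=samdom,DC=example,DC=com
objectClass: user
sAMAccountName: bob

dn: CN=legacy,CN=Users,DC=samdom,DC=example,DC=com
objectClass: group
sAMAccountName:: bGVnYWN5
gidNumber: 500
"""

def parse_ldif(text):
    """Yield one {lowercased attribute: [values]} dict per LDIF entry."""
    unfolded = text.replace("\r\n", "\n").replace("\n ", "")  # join folded lines
    for block in unfolded.split("\n\n"):
        entry = {}
        for line in block.splitlines():
            if line.startswith("#") or ":" not in line:
                continue
            attr, _, value = line.partition(":")
            if value.startswith(":"):  # "attr:: <base64>" form
                value = base64.b64decode(value[1:].strip()).decode("utf-8", "replace")
            entry.setdefault(attr.lower(), []).append(value.strip())
        if entry:
            yield entry

def audit(entries, low=10000, high=999999):
    """Map sAMAccountName -> reason, for accounts the ad backend would not map."""
    problems = {}
    for e in entries:
        classes = {c.lower() for c in e.get("objectclass", [])}
        attr = "uidNumber" if "user" in classes else "gidNumber" if "group" in classes else None
        if attr is None:
            continue
        name, ids = e.get("samaccountname", ["?"])[0], e.get(attr.lower(), [])
        if not ids:
            problems[name] = "missing " + attr
        elif not low <= int(ids[0]) <= high:
            problems[name] = attr + " outside idmap range"
    return problems
```

Calling audit(parse_ldif(SAMPLE_LDIF)) reports bob and legacy; an empty result means every listed account has an ID the 'ad' backend can use within the given range.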
