[Samba] domain backup online

Ivan Jurišić ivan at jurisic.org
Thu Jul 18 06:11:57 UTC 2019 

On 18. 07. 2019. 04:49, Tim Beale wrote:
> Hi,
>
> Just to reiterate an important point, the 'domain backup' command is
> there to backup your domain information, not your DC.
Any good suggestion for make full domain backup in online? (without stop
service)?
>
> If you still have a working domain, then you can recover any DC by
> simply rejoining it to the domain. Do not use backup/restore to recover
> an individual DC.
Domain work , I just wont extra backup.
>
> If you want to recover your entire domain (i.e. power off all your DCs
> and start again from scratch), then that's when you restore from a
> backup file.

Any better way for recover domain? I have cc 1500 accounts on my domain
and if going from scratch I will be on big mess with users and ther
profiles.

>
> So yes, it's still a good idea to do backups regardless of how many DCs
> you have running.
Have dc1 (main) and dc2 (secondary)
>
> However, in this case, the backup file from only one of the DCs would
> ever be used to restore the domain. It's still fine to backup every DC,
> but the only real point of doing so is extra insurance in case the first
> backup file doesn't recover the domain properly.
>
> See also:
> https://wiki.samba.org/index.php/Back_up_and_Restoring_a_Samba_AD_DC
>
> Cheers,
> Tim
>
> On 18/07/19 12:32 AM, Joachim Lindenberg via samba wrote:
>> Afaik one is not supposed to ever restore a DC in case you are running multiple. Thus I am wondering why you want to do (online or not) backups at all.
>> Or did that rule change?
>> Regards, Joachim
>>
>> -----Ursprüngliche Nachricht-----
>> Von: samba <samba-bounces at lists.samba.org> Im Auftrag von Ivan Jurišic via samba
>> Gesendet: Wednesday, 17 July 2019 13:39
>> An: samba at lists.samba.org
>> Betreff: [Samba] domain backup online
>>
>> On my primary Samba AD DC server all work ok when doing online backup, but on my secudary server I have error:
>>
>> ERROR(<type 'exceptions.IndexError'>): uncaught exception - list index out of range
>>   File "/usr/lib/python2.7/dist-packages/samba/netcmd/__init__.py", line 177, in _run
>>     return self.run(*args, **kwargs)
>>   File "/usr/lib/python2.7/dist-packages/samba/netcmd/domain_backup.py",
>> line 237, in run
>>     new_sid = get_sid_for_restore(remote_sam)
>>   File "/usr/lib/python2.7/dist-packages/samba/netcmd/domain_backup.py",
>> line 73, in get_sid_for_restore
>>     rid = int(res[0].get('rIDNextRID')[0])
>>
>>
>> How to fix?
>>
>> Complete output:
>>
>> root at dc2:/var/log# samba-tool domain backup online --server=dc2.intra.mydomain.com --targetdir=/media/backup -Uadministrator at intra.mydomain.com
>> workgroup is MYDOMAIN
>> realm is intra.mydomain.com
>> Calling bare provision
>> Looking up IPv4 addresses
>> Looking up IPv6 addresses
>> No IPv6 address will be assigned
>> Setting up share.ldb
>> Setting up secrets.ldb
>> Setting up the registry
>> Setting up the privileges database
>> Setting up idmap db
>> Setting up SAM db
>> Setting up sam.ldb partitions and settings Setting up sam.ldb rootDSE Pre-loading the Samba 4 and AD schema Unable to determine the DomainSID, can not enforce uniqueness constraint on local domainSIDs
>>
>> A Kerberos configuration suitable for Samba AD has been generated at /media/backup/tmphyBvX0/private/krb5.conf
>> Merge the contents of this file with your system krb5.conf or replace it with this one. Do not create a symlink!
>> Provision OK for domain DN DC=intra,DC=mydomain,DC=com Starting replication Using DS_BIND_GUID_W2K3 Schema-DN[CN=Schema,CN=Configuration,DC=intra,DC=mydomain,DC=com]
>> objects[402/1550] linked_values[0/0]
>> Schema-DN[CN=Schema,CN=Configuration,DC=intra,DC=mydomain,DC=com]
>> objects[804/1550] linked_values[0/0]
>> Schema-DN[CN=Schema,CN=Configuration,DC=intra,DC=mydomain,DC=com]
>> objects[1206/1550] linked_values[0/0]
>> Schema-DN[CN=Schema,CN=Configuration,DC=intra,DC=mydomain,DC=com]
>> objects[1550/1550] linked_values[0/0]
>> Analyze and apply schema objects
>> Partition[CN=Configuration,DC=intra,DC=mydomain,DC=com]
>> objects[402/1618] linked_values[0/0]
>> Partition[CN=Configuration,DC=intra,DC=mydomain,DC=com]
>> objects[804/1618] linked_values[0/0]
>> Partition[CN=Configuration,DC=intra,DC=mydomain,DC=com]
>> objects[1206/1618] linked_values[0/0]
>> Partition[CN=Configuration,DC=intra,DC=mydomain,DC=com]
>> objects[1608/1618] linked_values[0/0]
>> Partition[CN=Configuration,DC=intra,DC=mydomain,DC=com]
>> objects[1618/1618] linked_values[30/30]
>> Replicating critical objects from the base DN of the domain Partition[DC=intra,DC=mydomain,DC=com] objects[98/98] linked_values[24/24] Partition[DC=intra,DC=mydomain,DC=com] objects[385/287] linked_values[28/28] Done with always replicated NC (base, config, schema) Replicating DC=DomainDnsZones,DC=intra,DC=mydomain,DC=com
>> Partition[DC=DomainDnsZones,DC=intra,DC=mydomain,DC=com] objects[42/42] linked_values[0/0] Replicating DC=ForestDnsZones,DC=intra,DC=mydomain,DC=com
>> Partition[DC=ForestDnsZones,DC=intra,DC=mydomain,DC=com] objects[19/19] linked_values[0/0] Committing SAM database Setting isSynccomonized and dsServiceName Cloned domain MYDOMAIN (SID S-1-5-21-1643297388-1269305111-252802184)
>> ERROR(<type 'exceptions.IndexError'>): uncaught exception - list index out of range
>>   File "/usr/lib/python2.7/dist-packages/samba/netcmd/__init__.py", line 177, in _run
>>     return self.run(*args, **kwargs)
>>   File "/usr/lib/python2.7/dist-packages/samba/netcmd/domain_backup.py",
>> line 237, in run
>>     new_sid = get_sid_for_restore(remote_sam)
>>   File "/usr/lib/python2.7/dist-packages/samba/netcmd/domain_backup.py",
>> line 73, in get_sid_for_restore
>>     rid = int(res[0].get('rIDNextRID')[0])
>>
>> --
>> To unsubscribe from this list go to the following URL and read the
>> instructions:  https://lists.samba.org/mailman/options/samba
>>
>>

More information about the samba mailing list