[Samba] messy replication
Adam Weremczuk
adamw at matrixscience.com
Thu Jul 18 14:35:06 UTC 2019
On 18/07/19 13:19, Rowland penny via samba wrote:
> OK, from my understanding DC1 is using the internal dns and DC2 is
> using Bind9.
It's the other way round.
On dc1 port 53 is mapped to /usr/sbin/named -u bind.
On dc2 it's /usr/sbin/samba.
I wasn't sure what to do when I deployed dc2.
I remember installing bind9 on dc2 but then purging it.
BTW - does it matter for replication which backend is being used?
Or is everything expected to fully populate regardless of the DNS
backend choice?
> I would ensure your clients only use DC1
What's the best way to achieve it?
Through a local firewall?
> turn off Bind9 on DC2 and then run samba-upgradedns to use the
> internal dns server, this will cure one of your problems. You may have
> to delete the 'dns-dc2' user manually. There is more to it than just
> renaming 'dns-dc2' to 'dns-dc1'.
>
> If you then want to demote DC2, you will need to get into idmap.ldb
> and make some changes, I would start by trying to change the FSMO role
> holders to DC1, the ultimate aim will be to get replication working
>
I thought the plan was to forcefully demote dc2 and dc1 suffers from too
many config issues to rely on replication.
> speaking of which, have you tried this command:
>
> samba-tool drs replicate ldap://DC2 ldap://DC1 all
Is it safe to run knowing data on both might be over a week out of sync?
What's the worst that can happen?
More information about the samba
mailing list