[Samba] some questsions to online backup and a failiure with offline backup

Andrew Bartlett abartlet at samba.org
Tue Jun 18 10:07:15 UTC 2019 

On Tue, 2019-06-18 at 11:28 +0200, admins aixtema via samba wrote:
> Hi,
> first online backup works, but why some parts are missing?
> 
> Online:
> 
> root# samba-tool domain backup online --targetdir=/mnt/backup/online/ 
> --server=DC -UAdministrator
> 
> Backup created 2019-Jun-18 11:04:19
> Using samba-tool version: Samba 4.10.2
> Domain online backup, using DC 'DOMAIN'
> Backup for domain DOMAIN (NetBIOS), DOMAIN (DNS realm)
> Backup contains domain secrets: True
> 
> 
> missing files:
> bind-dns/ folder is empty no DNS Records will be saved (not fine)

The backup is a backup of the domain, but by default the restore will
be configured for 'internal' DNS.  Just use samba_upgradedns to change
to DLZ_BIND9 if desired.

> pritave/tls folder is empty my self created and samba created certs wont 
> be backupped

Correct, this is not a backup of a single DC, but of the replicated
data in the domain.  As such per-server information is not backed up,
and will need to be re-generated.

> sysvol is not included

Sysvol is meant to be included. 

> but i thing this is right cause online backup :)
> 
> 
> Offline:
> tryed with running and stopped samba processes
> do i need to stop named also when running with bind_dlz?
> 
> samba-tool domain backup offline --targetdir=/testfolder
> running backup on dirs: /var/lib/samba/private /var/lib/samba /etc/samba
> Starting transaction on /var/lib/samba/private/secrets
> Starting transaction on /var/lib/samba/private/sam.ldb
>     backing up /var/lib/samba/private/sam.ldb
>     copying locked/related file 
> /var/lib/samba/private/sam.ldb.d/DC=FORESTDNSZONES,DC=AIXTEMA,DC=DE.ldb.bak
>     copying locked/related file 
> /var/lib/samba/private/sam.ldb.d/CN=CONFIGURATION,DC=AIXTEMA,DC=DE.ldb.bak
>     copying locked/related file 
> /var/lib/samba/private/sam.ldb.d/DC=DOMAINDNSZONES,DC=AIXTEMA,DC=DE.ldb.bak
>     copying locked/related file 
> /var/lib/samba/private/sam.ldb.d/CN=SCHEMA,CN=CONFIGURATION,DC=AIXTEMA,DC=DE.ldb.bak
>     backing up locked/related file 
> /var/lib/samba/private/sam.ldb.d/DC=DOMAINDNSZONES,DC=AIXTEMA,DC=DE.ldb
>     copying locked/related file 
> /var/lib/samba/private/sam.ldb.d/metadata.tdb
>     copying locked/related file 
> /var/lib/samba/private/sam.ldb.d/DC=AIXTEMA,DC=DE.ldb.bak
>     backing up locked/related file 
> /var/lib/samba/private/sam.ldb.d/DC=FORESTDNSZONES,DC=AIXTEMA,DC=DE.ldb
>     backing up locked/related file 
> /var/lib/samba/private/sam.ldb.d/CN=CONFIGURATION,DC=AIXTEMA,DC=DE.ldb
>     backing up locked/related file 
> /var/lib/samba/private/sam.ldb.d/CN=SCHEMA,CN=CONFIGURATION,DC=AIXTEMA,DC=DE.ldb
>     backing up locked/related file 
> /var/lib/samba/private/sam.ldb.d/DC=AIXTEMA,DC=DE.ldb
> Starting transaction on solo db: /var/lib/samba/private/hklm.ldb
>     running tdbbackup on the same file
> Starting transaction on solo db: /var/lib/samba/private/share.ldb
>     running tdbbackup on the same file
> Starting transaction on solo db: 
> /var/lib/samba/private/DC=DOMAINDNSZONES,DC=AIXTEMA,DC=DE.ldb
>     running tdbbackup on the same file
> running tdbbackup on lone tdb file /var/lib/samba/private/schannel_store.tdb
> running tdbbackup on lone tdb file 
> /var/lib/samba/private/netlogon_creds_cli.tdb
> tdb_mutex_open_ok[/var/lib/samba/private/netlogon_creds_cli.tdb]: Can 
> use mutexes only with MUTEX_LOCKING or NOLOCK
> Failed to open /var/lib/samba/private/netlogon_creds_cli.tdb
> Starting transaction on solo db: /var/lib/samba/private/privilege.ldb
>     running tdbbackup on the same file
> Starting transaction on solo db: /var/lib/samba/private/idmap.ldb
>     running tdbbackup on the same file
> running tdbbackup on lone tdb file /var/lib/samba/winbindd_cache.tdb
> running tdbbackup on lone tdb file /var/lib/samba/account_policy.tdb
> running tdbbackup on lone tdb file /var/lib/samba/share_info.tdb
> running tdbbackup on lone tdb file /var/lib/samba/registry.tdb
> running tdbbackup on lone tdb file 
> /var/lib/samba/private/netlogon_creds_cli.tdb
> tdb_mutex_open_ok[/var/lib/samba/private/netlogon_creds_cli.tdb]: Can 
> use mutexes only with MUTEX_LOCKING or NOLOCK
> Failed to open /var/lib/samba/private/netlogon_creds_cli.tdb
> Starting transaction on solo db: /var/lib/samba/bind-dns/dns/sam.ldb
> module partition initialization failed : Operations error
> module show_deleted initialization failed : Operations error
> module dns_notify initialization failed : Operations error
> module extended_dn_out_ldb initialization failed : Operations error
> module linked_attributes initialization failed : Operations error
> module unique_object_sids initialization failed : Operations error
> module operational initialization failed : Operations error
> module encrypted_secrets initialization failed : Operations error
> module group_audit_log initialization failed : Operations error
> module repl_meta_data initialization failed : Operations error
> module subtree_delete initialization failed : Operations error
> module aclread initialization failed : Operations error
> module acl initialization failed : Operations error
> module descriptor initialization failed : Operations error
> module objectclass initialization failed : Operations error
> module audit_log initialization failed : Operations error
> module asq initialization failed : Operations error
> module server_sort initialization failed : Operations error
> module vlv initialization failed : Operations error
> module dsdb_paged_results initialization failed : Operations error
> module dirsync initialization failed : Operations error
> module schema_load initialization failed : Operations error
> module dsdb_notification initialization failed : Operations error
> module rootdse initialization failed : Operations error
> module samba_dsdb initialization failed : Operations error
> Unable to load modules for /var/lib/samba/bind-dns/dns/sam.ldb: 
> partition_metadata: Migrating partition metadata: create of metadata.tdb 
> gave: partition_metadata: Unable to create 
> /var/lib/samba/bind-dns/dns/sam.ldb.d/metadata.tdb: Device or resource busy
> 
> ERROR(ldb): uncaught exception - partition_metadata: Migrating partition 
> metadata: create of metadata.tdb gave: partition_metadata: Unable to 
> create /var/lib/samba/bind-dns/dns/sam.ldb.d/metadata.tdb: Device or 
> resource busy
> 
>    File "/usr/lib64/python3.6/site-packages/samba/netcmd/__init__.py", 
> line 185, in _run
>      return self.run(*args, **kwargs)
>    File 
> "/usr/lib64/python3.6/site-packages/samba/netcmd/domain_backup.py", line 
> 1072, in run
>      ldb_obj = Ldb(path, lp=lp)
>    File "/usr/lib64/python3.6/site-packages/samba/__init__.py", line 
> 115, in __init__
> 
> is it requierd that i stop booth DCs when i try to backup in offline mode?

No, it is not required to stop the servers.

This looks more like a bug.  There may be some issues around offline
backups with BIND9_DLZ, or perhaps a site-specific issue.

Sorry,

Andrew Bartlett

-- 
Andrew Bartlett                       http://samba.org/~abartlet/
Authentication Developer, Samba Team  http://samba.org
Samba Developer, Catalyst IT          http://catalyst.net.nz/services/samba

More information about the samba mailing list