[Samba] Cloning from a backup: unable to reach any KDC in realm
Don Kuenz
mail at crcomp.net
Fri Nov 15 22:11:23 UTC 2019
Andrew Bartlett wrote:
> Don Kuenz wrote:
>>
>> Greetings,
>>
>> This post pertains to a Disaster Recovery (DR) scenario on a Samba 4.8
>> server. The DR server was provisioned as a standalone host, on a
>> network isolated from the Production Server (PS).
>> The DR's /var/db/samba4 directory, which contains the private
>> directory, was then renamed and replaced with the PS' /var/db/samba4
>> backup. kinit now fails on the DR with:
>>
>> kinit: krb5_get_init_creds: unable to reach any KDC in realm
>> PRODUCTION
>>
>> Will samba_dnsupdate --verbose resolve this situation?
>> Is there a way for the DR host to seize the KDC?
>> What is the correct procedure to provision and clone a DR host from a
>> backup?
>
> The correct procedure is
> https://wiki.samba.org/index.php/Back_up_and_Restoring_a_Samba_AD_DC
>
> Just copying the files isn't advised, to start with a lock needs to be
> taken over all the files to ensure a stable backup, which can only be
> taken with the correct tools, unless the server has been stopped.
Perfect! (FWIW, the Production Server was indeed stopped before the
backup was taken.)
--
Don Kuenz KB7RPU
There was a young lady named Bright Whose speed was far faster than light;
She set out one day In a relative way And returned on the previous night.
More information about the samba
mailing list