[Samba] DC and shares separation

Rowland penny rpenny at samba.org
Thu Nov 28 16:13:26 UTC 2019

On 28/11/2019 15:38, Leszek Gubernat via samba wrote:
> Hi All,
> I've got a Samba4.5.15 server which acts both as an DC and a file 
> server. I'd like to break the setup into two servers without forcing 
> the users to redo their mappings and links which point the DC's name 
> or fqdn.
> My idea is to rename the DC (hostname and netbios) and assign its old 
> the another server with shares only. Is it possible to do it safely 
> without disrupting the domain, kerberos and dns (samba internal dns)? 
> If I execute the 'renamedc' provided by Samba will the computers 
> (including the ones in a remote routed location) realise that and 
> adjust their registries?
> Are there any other ways to archive the goal?
> Currently the domain name is a CNAME to the AD DC fqdn. 

Not sure what you mean by that, care to explain ?

> I don't have any BDC at the moment.
I think you mean that you only have one AD DC, a BDC is an NT4-style 
backup domain controller and has nothing to do with AD.

I would use this as an opportunity to upgrade Samba to a much later 
version (Samba >= 4.9.0), run this as an AD DC and convert the original 
DC into a Unix domain member and use this as a fileserver, problem is a 
DC will have different numeric IDs to a Unix domain member, unless you 
are using RFC2307 attributes.


More information about the samba mailing list