[Samba] Moving a DC...

Andrew Bartlett abartlet at samba.org
Wed Dec 16 19:53:23 UTC 2020

Yes, you must re-join after the clone.  Essentially this is about
cloning the VM as a base OS (to avoid a re-install and re-configuration 
of the other services), right?

The hostname is a critical part of a DCs identity, so for the benefit
of others even if you destroyed the first host you would have to re-
join with the new name.

As you suggest, I would ensure the Samba directories are clean.

Andrew Bartlett

On Wed, 2020-12-16 at 18:47 +0100, Joachim Lindenberg via samba wrote:
> I do have a question that probably fits nicely... rather than
> starting from scratch with a new DC I´d like to clone an existing DC
> (with network turned off, samba-ad-dc stopped and disabled) and join
> that after changing the host name etc. I assume the list below --
> suffices to copy -- that include samba in the path are exactly the
> directories I should consider to clean before joining, correct? Any
> others?
> Thanks, Joachim
> -----Ursprüngliche Nachricht-----
> Von: samba <samba-bounces at lists.samba.org> Im Auftrag von Rowland
> penny via samba
> Gesendet: Wednesday, 16 December 2020 18:36
> An: samba at lists.samba.org
> Betreff: Re: [Samba] Moving a DC...
> On 16/12/2020 17:22, Marco Gaiarin via samba wrote:
> > In my adventure with Samba/AD i've done the 'wrong thing', eg i've 
> > used a container (LXC) for DCs.
> > Now i want to fix that, moving from LXC to a plain VM.
> > 
> > OK, i can bring up a new set of DCs, join them, and then tear down
> > the 
> > old.
> This probably should work, only way to find out is to try it. Create
> a new VM and try and join it to your AD domain as a DC. If it works
> (and I can see no reason why it shouldn't) then transfer all the FSMO
> roles to the DC running in the VM, demote all the other DC's and shut
> them down, never to restart them.
> > But because containers and VMs is both debian with Lois package,
> > can i 
> > simply 'copy over' configuration files and 'var' files from the 
> > container to the VMs?
> > 
> > I  think will suffices to copy:
> > 
> > 	/etc/samba
> > 	/etc/bind
> > 	/etc/krb5.conf
> > 	/etc/ntp.conf
> > 	/etc/nsswitch.conf
> > 	/var/lib/samba
> > 	/var/spool/samba
> > 	/var/log/samba
> Whilst that 'may' work, you would have to clone everything else
> (hostname, ipaddress, etc) and will undoubtedly be fraught with
> numerous dangers, I would only attempt this as a last resort.
> You could also try backing up the domain with the samba-tool backup
> tools and then restoring to a new DC in a VM.
> Rowland
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba
Andrew Bartlett (he/him)       https://samba.org/~abartlet/
Samba Team Member (since 2001) https://samba.org
Samba Team Lead, Catalyst IT   https://catalyst.net.nz/services/samba

More information about the samba mailing list