[Samba] samba-tool domain backup offline fails
stefan at kania-online.de
Wed Apr 14 19:34:50 UTC 2021
I don't know the script from Rowland, but there is an easy way to create
the TGT. The magic is k5start, the name of the Debian-package is kstart.
Yo can use it to create the ticket with a deamon. I use it together with
openldap to set up replication with kerberos. Read here for more infos:
Am 07.04.21 um 11:08 schrieb Matthias Kühne | Ellerhold AG via samba:
> I *think* thats why you should add -N to the command, am I right?
> I'd be very interested to see your script Rowland.
> I've managed to get our online backup working via plain-text PW thats
> saved in a file only accessible as root on a DC. Not great but not bad
> This way I dont have to handle and kerberos re-negotiation, right? Ive
> looked at the code of adman for it and scared me to hell!
> Thanks and bye!
> Am 07.04.21 um 11:01 schrieb L.P.H. van Belle via samba:
>> it this also know, i you already have authenticated with kerberos, you need to re-enter the smb password.
>> kinit Administrator
>> samba-tool domain backup online --server=dc1.$(hostname -d) \
>> --targetdir=/root/samba-backup -k yes
>> That runs but ... Also has a small error. :-( ... this..
>> This comes later on..
>> Backing up sysvol files (via SMB)...
>> Password for [Administrator at REALM_HERE]:
>> since i authenticatied with kerberos already, i would not have expected an password question here. :-/
>>> -----Oorspronkelijk bericht-----
>>> Van: samba [mailto:samba-bounces at lists.samba.org] Namens Rowland penny via
>>> Verzonden: woensdag 7 april 2021 10:53
>>> Aan: samba at lists.samba.org
>>> Onderwerp: Re: [Samba] samba-tool domain backup offline fails
>>> On 07/04/2021 09:22, Stefan Bellon via samba wrote:
>>>> Hi all,
>>>> I'm about to set up disaster recovery for the domain and followed
>>>> (as I am using Samba 4.13.5).
>>>> First I went for the online backup (which works), but AFAICS it requires
>>>> administrator authentication and is thus not really suited for
>>>> automated backups via a cronjob.
>>>> When I tried "samba-tool domain backup offline" however, this fails:
>>> You have hit a known bug, which has just been fixed, so it should be in
>>> the next releases of 4.13 and 4.14.
>>> You can use the online backup from cron, just create a script (If you
>>> cannot, talk nicely and I will give you a copy of mine) , basically it
>>> boils down to using kerberos and adding '-N' to the command.
>>> To unsubscribe from this list go to the following URL and read the
>>> instructions: https://lists.samba.org/mailman/options/samba
25693 St. Michaelisdonn
Signieren jeder E-Mail hilft Spam zu reduzieren und schützt Ihre
Privatsphäre. Ein kostenfreies Zertifikat erhalten Sie unter
More information about the samba