[Samba] Automated samba online backup.
abartlet at samba.org
Fri Mar 19 18:27:34 UTC 2021
I would strongly recommend against this 'solution'. Unless you lock
the Samba DB during the backup, you cannot know that the DB is in a
consistent state to take the backup.
The same concerns expressed for PostgreSQL apply to Samba:
On Fri, 2021-03-19 at 13:17 -0500, Christopher Wensink via samba wrote:
> We accomplish what your asking without asking for an admin password,
> it's not done through samba-tool. We have an external Synology NAS
> device with 72 TB of total storage, that remotely connects into the
> samba file share machine each night, and takes a file system backup.
> additionally takes a full VM backup each night via a system snapshot.
> There is no direct connection for the samba machine to connect to
> Synology, the Synology is reaching in and pulling out backups, this
> if the samba file share machine is compromised it will not affect
> backup machine. DSM w/ Active Backup for business has worked pretty
> well for us, and there are options to simply use rsync on a shell
> the device if you want to do things that way too. We went with a 12
> Rackmount model, but there are consumer budget friendly devices
> available that have have the same functionality.
> On 3/19/2021 1:10 PM, Andrew Bartlett via samba wrote:
> > On Thu, 2020-04-30 at 10:27 -0300, Daniel Lopes de Carvalho via
> > samba
> > wrote:
> > > Hi
> > >
> > > I'm looking for a way to automate samba online backup with cron
> > > and
> > > without
> > > asking admin password. I wish to have a daily backup from my AD.
> > >
> > > Is there a way to exec samba-tool domain backup without password
> > > or
> > > do I
> > > need to have a export a admin keytab or something like that.
> > >
> > > Thanks
> > (sorry for the late reply)
> > In theory a keytab might work, and from there something that
> > refreshes
> > a credentials cache, but that is as sensitive as a password anyway.
> > An offline backup is what you want in cron, and we are currently
> > tidying up some of the rough edges on that. If you see any issues
> > using the offline backup in your situation please file a bug. We
> > are
> > fixing the incompatibility with BIND9_DLZ.
> > I hope this clarifies things,
> > Andrew Bartlett
> Christopher Wensink
> IS Administrator
> Five Star Plastics, Inc
> 1339 Continental Drive
> Eau Claire, WI 54701
> Office: 715-831-1682
> Mobile: 715-563-3112
> Fax: 715-831-6075
> cwensink at five-star-plastics.com
Andrew Bartlett (he/him) https://samba.org/~abartlet/
Samba Team Member (since 2001) https://samba.org
Samba Team Lead, Catalyst IT https://catalyst.net.nz/services/samba
Samba Development and Support, Catalyst IT - Expert Open Source
More information about the samba