[Samba] Migrate and Update (Samba 4.1 ADDC to Samba Latest Version on different Server).
Juan Ignacio
juan.ignacio.pazos at gmail.com
Thu Dec 1 17:28:24 UTC 2022
Another thing I wonder about demoting the Original DC.
The smb.conf files look different on the original DC than the new one.
I would appreciate it if we could take a look before to know if there is
anything missing on the new DC, I don't remember installing kerberos on the
new one which is now primary. I don't know if it's necessary either.
Looks like the smb.conf does not have all the services who are in the
original?
Neither the idmap_ldb:use rfc2307 = yes
Original DC smb.conf
[global]
workgroup = OURDOMAIN
realm = OURDOMAIN.ORG
netbios name = DC1
server role = active directory domain controller
dns forwarder = **********
allow dns updates = nonsecure and secure
#server services = rpc, nbt, wrepl, ldap, cldap, kdc, drepl,
winbind, ntp_signd, kcc, dnsupdate, dns, smb
dcerpc endpoint servers = epmapper, wkssvc, rpcecho, samr,
netlogon, lsarpc, spoolss, drsuapi, dssetup, unixinfo, browser, eventlog6,
backupkey, dnsserver, winreg, srvsvc
server services = s3fs, rpc, nbt, wrepl, ldap, cldap, kdc,
drepl,winbind, ntp_signd, kcc, dnsupdate, dns
idmap_ldb:use rfc2307 = yes
#winbind use default domain = yes
winbind enum users = yes
winbind enum groups = yes
#winbind nested groups = yes
log level = 3
log file = /var/log/samba/samba.log
New DC smb.conf
[global]
netbios name = DC2
realm = OURDOMAIN.ORG
server role = active directory domain controller
dns forwarder = *********
workgroup = OURDOMAIN
allow dns updates = nonsecure and secure
ldap server require strong auth = no
El jue, 1 dic 2022 a las 10:08, Juan Ignacio (<juan.ignacio.pazos at gmail.com>)
escribió:
> Thx for all the info Rowland;
> I tried to read everything carefully..
> I managed to make an offline domain backup in the new ad-dc without
> apparently major complications.
>
> But not being able to do the online backup, I got an exception and isn't
> on the wiki.
>
> root at DC2:/domain/samba/domainBackups# samba-tool domain backup online
> --targetdir=/domain/samba/domainBackups --server=DC2 -UAdministrator
> ERROR(runtime): uncaught exception - (3221225653, '{Device Timeout} The
> specified I/O operation on %hs was not completed before the time-out period
> expired.')
> File "/usr/lib/python3/dist-packages/samba/netcmd/__init__.py", line
> 186, in _run
> return self.run(*args, **kwargs)
> File "/usr/lib/python3/dist-packages/samba/netcmd/domain_backup.py",
> line 261, in run
> ctx = join_clone(logger=logger, creds=creds, lp=lp,
> File "/usr/lib/python3/dist-packages/samba/join.py", line 1552, in
> join_clone
> ctx = DCCloneContext(logger, server, creds, lp, targetdir=targetdir,
> File "/usr/lib/python3/dist-packages/samba/join.py", line 1576, in
> __init__
> super(DCCloneContext, ctx).__init__(logger, server, creds, lp,
> File "/usr/lib/python3/dist-packages/samba/join.py", line 101, in
> __init__
> ctx.site = ctx.find_dc_site(ctx.server)
> File "/usr/lib/python3/dist-packages/samba/join.py", line 363, in
> find_dc_site
> cldap_ret = ctx.net.finddc(address=server,
>
> El jue, 1 dic 2022 a las 7:15, Rowland Penny via samba (<
> samba at lists.samba.org>) escribió:
>
>>
>>
>> On 01/12/2022 02:11, Andrew Bartlett via samba wrote:
>> > On Wed, 2022-11-30 at 23:03 -0300, Juan Ignacio via samba wrote:
>> >> Already checked that on 4.1 and samba-tool doesn't have that options.
>> >> root at DC1:/usr/sbin# samba-tool domain backup online
>> >> Usage: samba-tool domain <subcommand>
>> >>>
>> >
>> > Correct. For such an old version just shut Samba down and back up the
>> > files 'normally'. Restoration will be a challenge, the only option
>> will be to force destroy any other DCs and then start back from the backed
>> up files.
>> >
>> > Andrew Bartlett
>> >
>> >
>>
>> Wrong, the OP now has a much later Samba DC and that will have the 'new'
>> backup tools.
>>
>> Rowland
>>
>> --
>> To unsubscribe from this list go to the following URL and read the
>> instructions: https://lists.samba.org/mailman/options/samba
>>
>
More information about the samba
mailing list