[Samba] Restoring Samba databases from /var/lib/samba

Andrew Bartlett abartlet at samba.org
Wed Jun 1 22:15:06 UTC 2022

On Wed, 2022-06-01 at 22:54 +0100, Sebastian Arcus via samba wrote:
> To start with the end, until today I never realised that there are 
> specific procedures for backing up Samba AD databases - which is my
> bad. 
> I've always backed up /var/lib/samba and /var/cache/samba, seeing as 
> that's where Samba kept its stuff. Today I've accidentally deleted 
> /var/lib/samba, and tried to copy it back from the nightly backups. 
> Needless to say that it all went to pots, and dns is not working 
> properly any more, not matter what I try. I can provide more details
> and 
> logs, but first I wanted to ask if it is even worth the effort? Is
> my 
> backup of /var/lib/samba basically useless to restore things to
> where 
> they were before?

samba_upgradedns can fix the links for BIND9_DLZ, but your issues seem
worse than that. 

> Some basic info:
> OS: Slackware 14.1
> Samba: 4.9.4
> Mode: Active Directory DC with file server on the same machine -
> only 
> one DC on domain
> Briefly, the samba_dlz plugin seems to be loading, but the logs have 
> various errors which so far I can't make sense of:
> Jun  1 22:36:05 srv-01-op samba[11769]: 
> ../source4/dsdb/kcc/kcc_periodic.c:768: Failed samba_kcc - 
> and:
> # samba-tool dns zonelist localhost -U Administrator
> Password for [redacted\Administrator]:
> ERROR(runtime): uncaught exception - (9717,
>    File "/usr/lib64/python2.7/site-
> packages/samba/netcmd/__init__.py", 
> line 177, in _run
>      return self.run(*args, **kwargs)
>    File "/usr/lib64/python2.7/site-packages/samba/netcmd/dns.py",
> line 
> 670, in run
>      request_filter)

I would look at the server logs more, and things like 'samba-tool
dbcheck --cross-ncs'

> Should I just cut my loses and rebuild everything from scratch? It
> will 
> involve work from my part and downtime for the users, but I should
> have 
> really known about proper Samba AD db backups, so it is what it is.
> Any pointers much appreciated.

Our DBs need to be backed up with the locks taken, otherwise you can
find it mid-modify.  Otherwise it is just pure luck as to if it was
quiet at the time. 

Might be worth engaging some professional help.

Andrew Bartlett

Andrew Bartlett (he/him)       https://samba.org/~abartlet/
Samba Team Member (since 2001) https://samba.org
Samba Team Lead, Catalyst IT   https://catalyst.net.nz/services/samba

Samba Development and Support, Catalyst IT - Expert Open Source

More information about the samba mailing list