[Samba] Restoring Samba databases from /var/lib/samba

Thu Jun 2 18:16:14 UTC 2022

Hi Peter,

On 02/06/2022 18:58, Peter Smode wrote:
> Before I got really slick with my Samba DC backups, I was on a version of Samba that did not have the tool for doing so. I put together scripting that would shutdown the VM that ran the DC, snapshot copied the virtual disks and then restarted the VM. The idea was that when the system was shutdown, the database would have been completely flushed to disk and would be quiet. It was in a guaranteed coherent state, since the system could reboot and restart Samba.
> 
> That said, do you have a backup taken out of cycle as a safety prior to an upgrade or suchlike where Samba would not have been running?

No - I'm afraid I don't have any backups aside from the full nightly 
ones. Your message makes me wonder actually - would I be correct in 
thinking that shutting down Samba and making a copy of /var/lib/samba 
(or whatever the path is on another Linux distro) would result in a 
clean, usable copy of the database files?

Sebastian

> 
> -- Peter
> 
>> On Jun 1, 2022, at 5:56 PM, Sebastian Arcus via samba <samba at lists.samba.org> wrote:
>>
>> To start with the end, until today I never realised that there are specific procedures for backing up Samba AD databases - which is my bad. I've always backed up /var/lib/samba and /var/cache/samba, seeing as that's where Samba kept its stuff. Today I've accidentally deleted /var/lib/samba, and tried to copy it back from the nightly backups. Needless to say that it all went to pots, and dns is not working properly any more, not matter what I try. I can provide more details and logs, but first I wanted to ask if it is even worth the effort? Is my backup of /var/lib/samba basically useless to restore things to where they were before?
>>
>> Some basic info:
>> OS: Slackware 14.1
>> Samba: 4.9.4
>> Mode: Active Directory DC with file server on the same machine - only one DC on domain
>>
>> Briefly, the samba_dlz plugin seems to be loading, but the logs have various errors which so far I can't make sense of:
>>
>> Jun  1 22:36:05 srv-01-op samba[11769]: ../source4/dsdb/kcc/kcc_periodic.c:768: Failed samba_kcc - NT_STATUS_ACCESS_DENIED
>>
>> and:
>>
>> # samba-tool dns zonelist localhost -U Administrator
>> Password for [redacted\Administrator]:
>> ERROR(runtime): uncaught exception - (9717, 'WERR_DNS_ERROR_DS_UNAVAILABLE')
>>   File "/usr/lib64/python2.7/site-packages/samba/netcmd/__init__.py", line 177, in _run
>>     return self.run(*args, **kwargs)
>>   File "/usr/lib64/python2.7/site-packages/samba/netcmd/dns.py", line 670, in run
>>     request_filter)
>>
>> Should I just cut my loses and rebuild everything from scratch? It will involve work from my part and downtime for the users, but I should have really known about proper Samba AD db backups, so it is what it is.
>>
>> Any pointers much appreciated.
>>
>> -- 
>> To unsubscribe from this list go to the following URL and read the
>> instructions:  https://lists.samba.org/mailman/options/samba
> 