[Samba] R: demote old dc

Corrado Ravinetto corrado.ravinetto at lanificiocerruti.com
Mon Jan 2 15:24:05 UTC 2023 

Thanks a lot Rowland


Happy New Year 😊

-----Messaggio originale-----
Da: samba <samba-bounces at lists.samba.org> Per conto di Rowland Penny via samba
Inviato: lunedì 2 gennaio 2023 16:12
A: samba at lists.samba.org
Cc: Rowland Penny <rpenny at samba.org>
Oggetto: Re: [Samba] demote old dc



On 02/01/2023 14:46, Corrado Ravinetto via samba wrote:
> Happy new year at all
>
> I sould substitute an old dc wiht this parameters in smb.conf

No

> [global]
>          dns forwarder = 192.168.1.1
>          os level = 250
>          passdb backend = samba_dsdb
>          realm = LXCERRUTI.COM
>          server role = active directory domain controller
>          template homedir = //srvcerruti/Cerruti/usr/%U
>          workgroup = LXCERRUTI
>          rpc_server:tcpip = no
>          rpc_daemon:spoolssd = embedded
>          rpc_server:spoolss = embedded
>          rpc_server:winreg = embedded
>          rpc_server:ntsvcs = embedded
>          rpc_server:eventlog = embedded
>          rpc_server:srvsvc = embedded
>          rpc_server:svcctl = embedded
>          rpc_server:default = external
>          winbindd:use external pipes = true
>          idmap_ldb:use rfc2307 = yes
>          idmap config * : backend = tdb

If you do have a DC with all those lines it is wrong, most of them are defaults, unless you obtained them with 'testparm -s' rather than 'samba-tool testparm'.


>
> the new one have :
> [global]
>          netbios name = DC4
>          realm = LXCERRUTI.COM
>          server role = active directory domain controller
>          workgroup = LXCERRUTI
>          idmap_ldb:use rfc2307 = yes
>          dns update command = /usr/local/samba/sbin/samba_dnsupdate --use-samba-tool
>          os level = 250

You do not use 'os level' on a Samba AD DC, it is an NT4-style parameter.

>          min protocol = NT1
>         client min protocol = NT1

Talking of which, why are you still using 'NT1' ?

>          dns forwarder = 192.168.1.1
>          template homedir = //srvcerruti/Cerruti/usr/%U

That is just wrong, the default is 'template homedir = /home/%D/%U', you seem to be trying to use a share on another computer, this will not work.

>
> my question is : i must merge two smb.conf or i can use the new one ???

As pointed out, it very likely they are using the same basic smb.conf files, apart from the mangling you appear to have carried out. I would use the new one after you have repaired it.

> Two dc are in replica whitout problem, can i demote old dc or should i expect toruble ??

Provided the 'new' DC now holds the FSMO roles, you should be able to demote the old one.

Rowland

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

[Lanificio F.lli CERRUTI]


Corrado Ravinetto
Sistemi informativi
corrado.ravinetto at lanificiocerruti.com <mailto:corrado.ravinetto at lanificiocerruti.com>
T: +39 015 3591283
[Lanificio F.lli CERRUTI]
Lanificio F.lli Cerruti S.p.A.
Via Cernaia 40, 13900 - Biella (BI) Italy
www.lanificiocerruti.com <http://www.lanificiocerruti.com/>

[Twitter] <https://twitter.com/Lan_Cerruti> [Facebook]  <https://www.facebook.com/LanificioCerruti> [Instagram]  <https://www.instagram.com/lanificiocerruti/>

Rispetta l'ambiente, non stampare questa mail se non necessario
Respect the environment, don't print unless necessary

[Unesco]

More information about the samba mailing list