[Samba] LDB Tools best practices

Perttu Aaltonen perttu.aaltonen at mac.com
Fri Oct 27 08:32:02 UTC 2023

> On 26. Oct 2023, at 17.49, Rowland Penny via samba <samba at lists.samba.org> wrote:
> On Thu, 26 Oct 2023 17:02:34 +0300
> Perttu Aaltonen via samba <samba at lists.samba.org> wrote:
>> Quick question. Can the LDB tools that modify the database files
>> directly be used without stopping Samba DC? Specifically ldbmodify?
> No problem, also you can use the machine password '-P' for most searches
>> What about when there are more than one DC? Anything to take into
>> account or best practices?
> The better question would be, 'What if there are multiple sysadmins ?',
> you should always have more than one DC.
> With multiple sysadmins, you could get 'collisions', especially if they
> try to change the same object on different DCs, so best practice would
> be to always do any changes on one DC (Usually the one holding the
> PDC_Emulator FSMO role).
> Rowland

Thanks Rowland. Now to write a ldbmodify script...


More information about the samba mailing list