[Samba] preparing for a new site with an extra domain controller
Stefan G. Weichinger
lists at xunil.at
Tue Dec 10 07:46:11 UTC 2024
Greetings!
after all these years of running Samba I am still learning and having to
learn more :-)
I am trying to research howtos and docs, but from my experience it
sometimes would have been better to ask BEFORE trying things.
So:
At a customer we happily run 2 samba-AD-DCs for one single AD domain, on
one geographical site, in one single IP subnet.
(using samba-4.21.2 as I write this)
Now they took over another small company and plan to connect that to the
AD as well.
Correct me if I am wrong:
I suggested to add a 3rd AD DC and place it there.
We already have a site-to-site-VPN (wireguard) between the 2 sites that
works well.
So I would deploy a 3rd DC, join it to the AD and move it to their
office. I googled that and found this howto:
https://wiki.samba.org/index.php/Active_Directory_Sites
Should the 3rd DC be in place (= in the "target subnet") already before
joining? I think so ... to get the DNS etc correct.
I assume that renaming or changing IP should be avoided if possible, so
it might be best to deploy the DC with running (Debian-12.8.0) linux and
get the networking fixed before the join, right?
Any other things to take care of here?
Is the concept of "sites" the right to apply here? What about the old
office? We don't have a site defined for that yet, does it make sense or
is it even needed to define a site for that as well? Could that break
things in some way?
Thanks for any help and pointers!
Stefan
More information about the samba
mailing list