[Samba] preparing for a new site with an extra domain controller
Stefan G. Weichinger
lists at xunil.at
Mon Dec 16 09:33:59 UTC 2024
Am 12.12.24 um 10:48 schrieb Stefan G. Weichinger via samba:
> Am 10.12.24 um 15:10 schrieb Luis Peromarta via samba:
>> No issue, sync will continue next time network is up.
>
> great
>
> As I prepare that I also hit the fact that I should switch from one-
> directional sysvol-sync to bi/multidirectional sync via unison or osync.
>
> That means I have to switch over the existing syncing also, right now we
> do the basic rsync-syncing. I will do that first, after backups and rtfm.
switched over to unison, looks good
Now I prepare joining the third DC. That will happen after sending the
appliance to the new site, to have the correct IPs and routing etc in place.
(AFAIK changing IPs after joining is bad, so I will only start the
joining when it's in the correct place)
-
I read howtos like:
https://wiki.samba.org/index.php/Joining_a_Samba_DC_to_an_Existing_Active_Directory
I have joined Samba DCs in the past, so I think I got that part right,
but let me quote something that is written a bit misleading.
Keep in mind that I am not a native speaker, my first language is german.
In the section "Built-in User & Group ID Mappings" there's that red
block telling me:
"You need to sync idmap.ldb when you first join a new DC and then
regularly, to ensure the IDs remain constant, you do not need to sync
idmap.ldb every time you sync SysVol but as stated in the mailing list
it should be done periodically."
So what?
1) sync it at first
2) do not sync it every time with sysvol
3) sync it periodically
I don't do 3) for years in two sites ... and afaik it didn't hurt
How often is "periodically" ? daily/weekly/monthly ?
Why not provide an example or add that to the "SysVol replication"
cron-jobs (or as similar instructions) as well, if it's necessary?
to me it's a bit unclear and could be easily missed (as mentioned I
don't do it so far)
thoughts? explanation?
just my 2 cents, maybe the docs could be improved here. thanks all!
More information about the samba
mailing list