[Samba] new DC via clone..

[Rowland Penny]

On Mon, 22 Jul 2024 16:48:59 +0200
Joachim Lindenberg via samba <samba at lists.samba.org> wrote:

> Hello Rowland,
> there can be a lot more services than just the OS and Samba-AD-DC.

Just like Microsoft, Samba doesn't recommend using a DC for other
services and running it in some form of VM doesn't make it different.

> As
> a must have you have to configure bind, and in my specific case I
> have also a pi-hole and stubby running with docker in order to
> provide complete DNS services on the DCs. Cloning is definitely a
> huge saving of time than starting from scratch. Everybody except
> probably Samba today uses clones where possible. 

As I said, I wouldn't clone a DC, but a quick internet search turns up
that you can clone a Microsoft AD DC, provided a few criteria are met:

It is only running software essential for the DC.
It holds most, if not all, the FSMO roles.
Can be powered down for a short while.
It is best to be already virtualised.

Your clone does not seem to match the above.

You are having problems, which may be just down to Samba, or they could
be due to an interaction between Samba and some other piece of software.

I suggest you start with a fresh VM, install Samba in that and join it
as a DC (using the internal dns server), if that works okay, then add
Bind and keep adding things until it stops working, at which point you
may be able to work out what the problem is. If the new Samba gives you
the same problem that you are having now, then it will be less software
in the way when trying to sort out the problem.

Rowland