[Samba] move domain member server to new hardware

Stefan G. Weichinger lists at xunil.at
Fri Jun 7 14:56:35 UTC 2024 

Am 07.06.24 um 15:56 schrieb Rowland Penny via samba:

>> Could I join the domain with another name and IP now ... to be able
>> to test things (introducing btrfs snaphots this time) with all
>> AD-features, but on a "test name"? And then leave the domain, change
>> FQDN/IP and rejoin?
> 
> I would create a 'test' machine and join that, once you are sure that
> everything is working correctly (and you have documented the
> procedure), just create a new machine with the correct FQDN/IP and join
> that.
> On a Unix domain member, all you need to backup is the smb.conf and the
> directories you have shared. If you put the shares in /srv , then all
> you need to backup is /srv and the smb.conf

ok ...

that new server would be my test machine ;-)

-

Let me show you the smb.conf

It has grown over years and was topic in quite a few threads in here.
I am sure it still needs improvement ;-)

That "ARBEITSGRUPPE" (german for workgroup) comes from the NT4-domain 
that was in place earlier (!)


# cat /etc/samba/smb.conf
[global]
         security = ADS
         workgroup = ARBEITSGRUPPE
         realm = arbeitsgruppe.sometld.at
         log file = /var/log/samba/%m.log
         log level = 2

         #log level = 5 auth:5 winbind:8

# template
winbind nss info = template
template shell = /bin/bash
template homedir = /mnt/samba/Daten/%U

         idmap config * : backend = tdb
         idmap config * : range = 2000-3999

         idmap config ARBEITSGRUPPE:backend = rid
         idmap config ARBEITSGRUPPE:range = 10000-99999

         username map = /etc/samba/user.map

         kerberos method = secrets and keytab
         dedicated keytab file = /etc/krb5.keytab

         winbind use default domain = Yes
         winbind refresh tickets = Yes

         vfs objects = acl_xattr
         map acl inherit = yes
         store dos attributes = yes

         #interfaces = bond0

         #hosts allow = 10.0.0.22,10.0.0.50

         printing = CUPS

At "vfs objects": some shares will also have "shadow_copy2" to use btrfs 
snapshots. I assume (will check in docs...) I have to add "acl_xattr" 
also then (to not toggle off the global setting, right?)

This smb.comf comes from the productive server and works fine, as far as 
we know.

greetings, thanks, Stefan

More information about the samba mailing list