[Samba] Samba ADDC server migration
Rowland Penny
rpenny at samba.org
Thu May 15 12:41:14 UTC 2025
On Thu, 15 May 2025 12:52:30 +0200
ladas via samba <samba at lists.samba.org> wrote:
> Hi Rowland.
> slave in my description mens backup addc, both of them. I use one
> addc as a master and second two servers are connected to this master
> addc. So any changes or GPO settings I make at master and they are
> propagate to slaves.
Okay, I thought that was what you meant, the only thing wrong is your
terminology.
There are no master or backup DCs, there are only AD DCs, they are all
equal, it is just that there are the FSMO roles and they can be on any
AD DC (or split among several).
Your easiest way to upgrade now will be to install new DCS running
Devuan Daedalus, join these to your AD domain and then demote the
existing DCs, transferring the FSMO roles as required. You will need to
sync idmap.ldb and sysvol as before.
> smb.conf at DC holding FSMO roles: # Global parameters
Nothing wrong there.
> smb.conf at another DC:
> # Global parameters
> [global]
> netbios name = ADDC2
> realm = DOMAIN.COMM
> server role = active directory domain controller
> workgroup = DOMAIN
> dns forwarder = 10.1.1.225
> idmap_ldb:use rfc2307 = yes
> template shell = /bin/bash
> winbind use default domain = true
That doesn't do anything on a DC.
> winbind offline logon = false
That is the default.
> winbind nss info = rfc2307
That doesn't do anything on a DC.
> winbind enum users = yes
> winbind enum groups = yes
They are not required and could actually slow things down.
Rowland
More information about the samba
mailing list