dahopkins@comcast.net
2007-Oct-07 14:34 UTC
[Samba] Moving Samba/LDAP PDC to another server
I need to move our existing Samba/LDAP PDC to another server. Currently it is on server1 and I want server2 to be the Samba/LDAP PDC instead. However, I am uncertain of what files need to be copied over to ensure that I don't have to rejoin machines to the domain. Searching the web I found information on creating the initial PDC setup, but nothing on moving the PDC.

I also have a system SAMBA/LDAP BDC running (server3) as a slave ldap server. If it is easier to just make the BDC the 'new' PDC that would also be a solution. Can somebody please let me know how to proceed?

Sincerely,
Dave Hopkins
On 10/7/07, dahopkins@comcast.net <dahopkins@comcast.net> wrote:
> I need to move our existing Samba/LDAP PDC to another server. Currently it is on server1 and I want server2 to be the Samba/LDAP PDC instead. However, I am uncertain of what files need to be copied over to ensure that I don't have to rejoin machines to the domain.

All this info (about machine accounts) is stored only in the LDAP database.

If you are using ldap the only files that need to be copied/modified are smb.conf, /etc/nsswitch.conf, and your IDEALX config. Other than that you will have to enter the LDAP password in the new server using smbpasswd -w (I believe).

You did not mention if you were moving just the samba stuff or the LDAP server as well as there is no requirement that the LDAP server is on the same machine as the PDC. However, I assume you want to do that as well. For that copy the /etc/openldap/schema folder and do a slapcat (to a file) to dump the current ldap database. Then on the new machine use slapadd with the file you dumped from slapcat.

John
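An added example, not part of John's message or the thread: a check to run on the slapcat output before loading it with slapadd on the new server. It confirms that the dump carries the domain's sambaSID and that every machine account (uid ending in `$`) has a SID under it; the EXAMPLE domain, DNs and SIDs are constructed sample data, and the function names are hypothetical.

```shell
# Added example (not from the thread): check a slapcat dump before slapadd.
# Join LDIF continuation lines (a leading space continues the previous line).
ldif_unfold() {
    awk 'NR > 1 && /^ / { buf = buf substr($0, 2); next }
         NR > 1 { print buf }
         { buf = $0 }
         END { if (NR) print buf }' "$1"
}

# Print "domain NAME SID" and "machine UID SID" for the entries that carry them.
samba_sids() {
    ldif_unfold "$1" | awk 'BEGIN { RS = ""; FS = "\n" }
        { isdom = 0; dom = ""; uid = ""; sid = "MISSING"
          for (i = 1; i <= NF; i++) {
              if ($i == "objectClass: sambaDomain") isdom = 1
              if ($i ~ /^sambaDomainName: /) dom = substr($i, 18)
              if ($i ~ /^uid: .*[$]$/) uid = substr($i, 6)
              if ($i ~ /^sambaSID: /) sid = substr($i, 11)
          }
          if (isdom && dom != "") print "domain", dom, sid
          if (uid != "") print "machine", uid, sid }'
}

# Succeed only if every machine SID sits under the SID of domain $2.
check_dump() {
    dsid=$(samba_sids "$1" | awk -v n="$2" '$1 == "domain" && $2 == n { print $3 }')
    [ -n "$dsid" ] && [ "$dsid" != MISSING ] || { echo "no sambaSID for domain $2"; return 1; }
    bad=$(samba_sids "$1" | awk -v d="$dsid-" '$1 == "machine" && index($3, d) != 1 { print $2 }')
    [ -z "$bad" ] || { echo "SID mismatch or missing: $bad"; return 1; }
    echo "ok: domain SID $dsid"
}

# Constructed sample (EXAMPLE domain, made-up SIDs); the PC01$ SID is folded.
SAMPLE=$(mktemp)
cat > "$SAMPLE" <<'EOF'
dn: sambaDomainName=EXAMPLE,dc=example,dc=org
objectClass: sambaDomain
sambaDomainName: EXAMPLE
sambaSID: S-1-5-21-1111111111-2222222222-3333333333

dn: uid=PC01$,ou=Computers,dc=example,dc=org
objectClass: sambaSamAccount
uid: PC01$
sambaSID: S-1-5-21-1111111111-2222222222-
 3333333333-3001
EOF
check_dump "$SAMPLE" EXAMPLE
```

Against a real dump, pass the file written by slapcat and the domain name configured as the workgroup in smb.conf.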
dahopkins@comcast.net
2007-Oct-07 18:50 UTC
[Samba] Moving Samba/LDAP PDC to another server
-------------- Original message ----------------------
From: "John Drescher" <drescherjm@gmail.com>
> On 10/7/07, dahopkins@comcast.net <dahopkins@comcast.net> wrote:
> > I need to move our existing Samba/LDAP PDC to another server. Currently it is
> > on server1 and I want server2 to be the Samba/LDAP PDC instead. However, I am
> > uncertain of what files need to be copied over to ensure that I don't have to
> > rejoin machines to the domain.
>
> All this info (about machine accounts) is stored only in the LDAP database.
>
> If you are using ldap the only files that need to be copied/modified are
> smb.conf, /etc/nsswitch.conf, and your IDEALX config. Other than that
> you will have to enter the LDAP password in the new server using
> smbpasswd -w (I believe).

Thanks, the smbpasswd piece may be what I am missing. I'll try it soon. Does that do the same thing as copying the secrets.tdb file? Last time I tried this, every machine that was part of the domain lost its domain membership.

> You did not mention if you were moving just the samba stuff or the
> LDAP server as well as there is no requirement that the LDAP server is
> on the same machine as the PDC. However, I assume you want to do that
> as well. For that copy the /etc/openldap/schema folder and do a
> slapcat (to a file) to dump the current ldap database. Then on the new
> machine use slapadd with the file you dumped from slapcat.

I am using LDAP for everything, and have a current dump of the ldap database. Hopefully it is just as simple as you've indicated for moving things over.