samba - Aug 2009 - Migrating to replacement PDC

I've been reading the SAMBA documentation at:
http://us3.samba.org/samba/docs/man/Samba-Guide/upgrades.html#id2600749

But I just need some confirmation since this is our primary server,  
and I'm not fully confident about what I read.

SITUATION:
We currently have a Samba server running as our Primary Domain  
Controller which is authenticating against a local LDAP database.  The  
hardware is failing so we need to build a replacement box.  Machine  
hostnames are based off of asset tags, so the hostnames will be  
different between the two servers.

The intention is to build the NEW server with a unique hostname and  
temp IP address, and the same smb.conf.  Then at the point of  
migration, change the IP address of the NEW server to that of the OLD  
server, start up SAMBA, and then let it take over as the PDC.

QUESTIONS:
And from what I understand, as long as I make sure the NEW server has  
the same NETBIOS name in the /etc/samba/smb.conf file, then it should  
pull the "domain SID" from LDAP the first time it is started.

Does this mean I don't need to import the "secrets.tdb" or
manually
set the SID with "net setlocalsid S-1-5-21-22-2394995923-3994118334",
or change the hostname that of the OLD server?

MISC FACTS:
OLD Server
	Hostname: asset01
	DNS Name(s): asset01 PDC LDAP
	NETBIOS: PDC
	IP: 172.16.1.1
	Services: SAMBA, LDAP
	
NEW Server (future values are in < > )
	Hostname: asset02
	DNS Name(s): asset02 <asset02 PDC LDAP>
	NETBIOS: <PDC>
	IP: 172.16.1.2 <172.16.1.1>
	Services: SAMBA, LDAP

----
Brian H
binarynomad at gmail.com
http://www.binarynomad.com

On 08/19/2009 09:41 PM, Brian H wrote:
> 
> I've been reading the SAMBA documentation at:
> http://us3.samba.org/samba/docs/man/Samba-Guide/upgrades.html#id2600749
> 
> But I just need some confirmation since this is our primary server, and
> I'm not fully confident about what I read.
> 
> SITUATION:
> We currently have a Samba server running as our Primary Domain
> Controller which is authenticating against a local LDAP database.  The
> hardware is failing so we need to build a replacement box.  Machine
> hostnames are based off of asset tags, so the hostnames will be
> different between the two servers.
> 
> The intention is to build the NEW server with a unique hostname and temp
> IP address, and the same smb.conf.  Then at the point of migration,
> change the IP address of the NEW server to that of the OLD server, start
> up SAMBA, and then let it take over as the PDC.
> 
> QUESTIONS:
> And from what I understand, as long as I make sure the NEW server has
> the same NETBIOS name in the /etc/samba/smb.conf file, then it should
> pull the "domain SID" from LDAP the first time it is started.
Not at all. You need to configure the new server as a BDC.  Then BEFORE
joining it to the domain, import the domain SID as follows:

	net rpc getsid

Now join the domain:

	net rpc join

Then you can shutdown both servers when you are ready, convert the BDC
to the PDC, convert the old PDC to a BDC, restart both servers, or just
the PDC and you will be in business.

PS: The PDC has:
	domain logons = Yes
	domain master = Yes

The BDC has:
	domain logons = Yes
	domain master = No
> Does this mean I don't need to import the "secrets.tdb" or
manually set
> the SID with "net setlocalsid S-1-5-21-22-2394995923-3994118334",
or
> change the hostname that of the OLD server?
No. No need to do this.

Cheers,
John T.
> MISC FACTS:
> OLD Server
>     Hostname: asset01
>     DNS Name(s): asset01 PDC LDAP
>     NETBIOS: PDC
>     IP: 172.16.1.1
>     Services: SAMBA, LDAP
>     
> NEW Server (future values are in < > )
>     Hostname: asset02
>     DNS Name(s): asset02 <asset02 PDC LDAP>
>     NETBIOS: <PDC>
>     IP: 172.16.1.2 <172.16.1.1>
>     Services: SAMBA, LDAP
> 
> ----
> Brian H
> binarynomad at gmail.com
> http://www.binarynomad.com
>