So it seems that I improperly planned my Samba4 deployment, and I need to rename my domain. Wondering how to do this properly so that clients will not be forced to rejoin, etc. Current info ------------------ Sernet Samba 4.1 on CentOS 6.4 x64 Using bind BIND_DLZ backend w/ bind 9.8 smb.conf: server role = ad workgroup = EXAMPLE realm = EXAMPLE.COM netbios name = dc1 krb5.conf: default_realm = EXAMPLE.COM dns_lookup_realm = true dns_lookup_kdc = true Basically, the issue I'm running into is that I need to point example.comto our externally hosted web site, and because of this, I am unable to resolve \\example.com\SysVol\etc\etc for my GPO's, and thus they never get applied. (I actually briefly had this resolved by adding "host msdfs yes" in smb.conf, but that is no longer working, for whatever reason). At any rate, I'd like to nip this in the bud by changing my internal network to use "internal.example.com". Is this possible without re-provisioning? What pieces to I have to update (smb.conf, krb5.conf, execute some "samba-tool dns" command, etc)? I'm a little confused on which of the following would be affected (or if some of them mean the same thing): DNS Domain name, realm, samba domain name. For the record, I'd want to keep the workgroup name (EXAMPLE) to be the same in smb.conf. Thank you for any pointers, and if you need anymore info, please let me know.
Andrew Bartlett
2013-Dec-01 04:49 UTC
[Samba] How to properly change my Samba4 domain name?
On Wed, 2013-11-27 at 16:45 -0800, Scott Goodwin wrote:> So it seems that I improperly planned my Samba4 deployment, and I need to > rename my domain. Wondering how to do this properly so that clients will > not be forced to rejoin, etc.Currently we don't support it. Even migrating to Windows, running the MS tool there and then replicating back won't work, as we don't like the incremented replication epoch counter. It needs someone to spend a fair effort in our replication code. We need someone committed to making this happen to learn enough about this area and to follow though with working and tested patches. Sorry, Andrew Bartlett -- Andrew Bartlett http://samba.org/~abartlet/ Authentication Developer, Samba Team http://samba.org Samba Developer, Catalyst IT http://catalyst.net.nz/services/samba