Andrew Bartlett via samba wrote 2018-09-06 17:33:> On Thu, 2018-09-06 at 11:50 +0200, Slim Ontario via samba wrote: >> Hi, >> >> I've a migrated samba-ad on my test-machine. Is it possible to >> transfer the >> samba directory (stored under /var/lib/samba) to another machine/my >> productive system? >> I would to these steps: >> - install samba and dependencies on new host >> - transfer my /var/lib/samba, /etc/krb5.conf and /etc/samba >> - start samba service >> >> Do I have other things to consider? > > We generally prefer folks to join a new DC to the domain, transfer > roles, sync sysvol and then demote, as this allows you to try out the > new DC before the old one is gone. > > However if you must, the above is OK if you keep the same 'netbios > name' and don't run both at the same time.Is there a "dump/restore" method, instead of copying the Samba database files (which means I must stop Samba for the duration of copying)?> Better still is using Samba 4.9 to backup the old domain and restore it > again.I am using Samba 4.7.6 on Ubuntu 18.04. AFAIK, Samba 4.9 isn't stable release yet (so I won't risk placing it into use outside a sandbox). If there's convenient and portable way of dumping/loading Samba 4.7+ data, I would also appreciate mentioning it, immensely. Thanks. Sincerely, Konstantin
On Fri, 2018-09-07 at 11:06 +0700, Konstantin Boyandin via samba wrote:> Andrew Bartlett via samba wrote 2018-09-06 17:33: > > On Thu, 2018-09-06 at 11:50 +0200, Slim Ontario via samba wrote: > > > Hi, > > > > > > I've a migrated samba-ad on my test-machine. Is it possible to > > > transfer the > > > samba directory (stored under /var/lib/samba) to another machine/my > > > productive system? > > > I would to these steps: > > > - install samba and dependencies on new host > > > - transfer my /var/lib/samba, /etc/krb5.conf and /etc/samba > > > - start samba service > > > > > > Do I have other things to consider? > > > > We generally prefer folks to join a new DC to the domain, transfer > > roles, sync sysvol and then demote, as this allows you to try out the > > new DC before the old one is gone. > > > > However if you must, the above is OK if you keep the same 'netbios > > name' and don't run both at the same time. > > Is there a "dump/restore" method, instead of copying the Samba database > files (which means I must stop Samba for the duration of copying)?If you don't want to stop Samba, then join the second DC. Otherwise if Samba is still running, the copy will be out of date. There is a dump/restore method in Samba 4.9 (see below) but still, it will be out of date as soon as it is taken, so just join the domain.> > Better still is using Samba 4.9 to backup the old domain and restore it > > again. > > I am using Samba 4.7.6 on Ubuntu 18.04. AFAIK, Samba 4.9 isn't stable > release yet (so I won't risk placing it into use outside a sandbox). > > If there's convenient and portable way of dumping/loading Samba 4.7+ > data, I would also appreciate mentioning it, immensely.Just join the second DC to the domain. Andrew Bartlett -- Andrew Bartlett https://samba.org/~abartlet/ Authentication Developer, Samba Team https://samba.org Samba Development and Support, Catalyst IT https://catalyst.net.nz/services/samba
On 07.09.2018 11:43, Andrew Bartlett wrote:> On Fri, 2018-09-07 at 11:06 +0700, Konstantin Boyandin via samba wrote: >> Andrew Bartlett via samba wrote 2018-09-06 17:33: >>> On Thu, 2018-09-06 at 11:50 +0200, Slim Ontario via samba wrote: >>>> Hi, >>>> >>>> I've a migrated samba-ad on my test-machine. Is it possible to >>>> transfer the >>>> samba directory (stored under /var/lib/samba) to another machine/my >>>> productive system? >>>> I would to these steps: >>>> - install samba and dependencies on new host >>>> - transfer my /var/lib/samba, /etc/krb5.conf and /etc/samba >>>> - start samba service >>>> >>>> Do I have other things to consider? >>> >>> We generally prefer folks to join a new DC to the domain, transfer >>> roles, sync sysvol and then demote, as this allows you to try out the >>> new DC before the old one is gone. >>> >>> However if you must, the above is OK if you keep the same 'netbios >>> name' and don't run both at the same time. >> >> Is there a "dump/restore" method, instead of copying the Samba database >> files (which means I must stop Samba for the duration of copying)? > > If you don't want to stop Samba, then join the second DC. Otherwise if > Samba is still running, the copy will be out of date. > > There is a dump/restore method in Samba 4.9 (see below) but still, it > will be out of date as soon as it is taken, so just join the domain.I see, thanks. I plan to have two DCs online, so I could put them down for maintenance one by one, without stopping entire domain services over network. Actually, I was asking about something different. ATM, in Samba 3 NT4 domain (LDAP backend) I can do the below to manage the domain data: - export data with slapcat - do whatever I need with the above dump (if necessary) and load them again with slapadd The above is very convenient - when domain data were damaged, I could fix the human-readable dump and re-load it to bring things back in order. Is something similar available for Samba 4 (below 4.9)? Dump data in human readable format and re-import when necessary? Thanks. Sincerely, Konstantin