Am 29.08.19 um 18:10 schrieb Rowland penny via samba:>> after that this former DC should become a plain DM file server >> >> Should I rm /var/lib/samba before editing smb.conf and re-joining? > > Just remove the .tdb & .ldb files and any cache files, do not remove the > main directory structure (except for sysvol etc).ok, will try in about 30mins thanks!
On 29.08.19 18:24, Stefan G. Weichinger via samba wrote:> Am 29.08.19 um 18:10 schrieb Rowland penny via samba: > >>> after that this former DC should become a plain DM file server >>> >>> Should I rm /var/lib/samba before editing smb.conf and re-joining? >> >> Just remove the .tdb & .ldb files and any cache files, do not remove the >> main directory structure (except for sysvol etc). > > ok, will try in about 30mins > thanks! >ok so far, works basically. But when I compare the group "domain users" on the 2 fileservers I see this issue: # former fileserver # wbinfo --group-info="domain users" domain users:x:10513: (correct to me) # new DM # wbinfo --group-info="domain users" domain users:x:100: ("100" is wrong ...) "same" smb.conf: [global] security = ADS workgroup = ARBEITSGRUPPE realm = arbeitsgruppe.mydom.at netbios name = BACKUP log level = 2 # template winbind nss info = template template shell = /bin/bash template homedir = /mnt/samba/Daten/%U idmap config * : backend = tdb idmap config * : range = 2000-3999 idmap config ARBEITSGRUPPE:backend = rid idmap config ARBEITSGRUPPE:range = 10000-99999 username map = /etc/samba/user.map kerberos method = secrets and keytab dedicated keytab file = /etc/krb5.keytab winbind use default domain = Yes winbind refresh tickets = Yes vfs objects = acl_xattr map acl inherit = yes store dos attributes = yes
On 29.08.19 18:56, Stefan G. Weichinger via samba wrote:> On 29.08.19 18:24, Stefan G. Weichinger via samba wrote: >> Am 29.08.19 um 18:10 schrieb Rowland penny via samba: >> >>>> after that this former DC should become a plain DM file server >>>> >>>> Should I rm /var/lib/samba before editing smb.conf and re-joining? >>> >>> Just remove the .tdb & .ldb files and any cache files, do not remove the >>> main directory structure (except for sysvol etc). >> >> ok, will try in about 30mins >> thanks! >> > > ok so far, works basically. > But when I compare the group "domain users" on the 2 fileservers I see > this issue: > > # former fileserver > > # wbinfo --group-info="domain users" > domain users:x:10513: > > (correct to me) > > # new DM > > # wbinfo --group-info="domain users" > domain users:x:100: > > ("100" is wrong ...)"net cache flush" fixed it (for now) reading : https://techblog.devlat.eu/2017/02/04/gid-of-the-domain-users-resetting-to-100-with-a-samba-ad-dc/