I want to setup a backup AD DC and have a few quick
(possibly dumb) questions:
1) Is this link the best reference to the procedure to
create the backup AD DC?
->
https://wiki.samba.org/index.php/Joining_a_Samba_DC_to_an_Existing_Active_Directory
2) What is considered the best samba option of
the 3 listed for Sysvol Replication under the Subsection
titled "Built-in User & Group ID Mappings" in the
link provided above?
3) Does the backup and the primary need to run the
same version of samba?
Thank you
On 29/10/2020 14:43, Marco Shmerykowsky via samba wrote:> I want to setup a backup AD DC and have a few quick > (possibly dumb) questions:No, you just want to add another DC> > 1) Is this link the best reference to the procedure to > ?? create the backup AD DC? > > -> > https://wiki.samba.org/index.php/Joining_a_Samba_DC_to_an_Existing_Active_DirectoryIt is a good start, then ask any questions here.> > 2) What is considered the best samba option of > ?? the 3 listed for Sysvol Replication under the Subsection > ?? titled "Built-in User & Group ID Mappings" in the > ?? link provided above?This is very subjective, if you ask 100 Samba users 'which is best', you will probably get about 150 different answers :-D> > 3) Does the backup and the primary need to run the > ?? same version of samba?I think you mean 'Does the DC with all the FSMO roles and any other DC need to run the same version of Samba' , to which the answer would be: Ideally yes, but different versions will work together, just don't try to use something like 4.1.x and 4.12.x together, it may work, but I would bet there will be problems. Rowland
On Thu, 29 Oct 2020, Rowland penny via samba wrote:> On 29/10/2020 14:43, Marco Shmerykowsky via samba wrote: >> I want to setup a backup AD DC and have a few quick >> (possibly dumb) questions: > No, you just want to add another DC >> >> 1) Is this link the best reference to the procedure to >> ?? create the backup AD DC? >> >> -> >> https://wiki.samba.org/index.php/Joining_a_Samba_DC_to_an_Existing_Active_Directory > It is a good start, then ask any questions here. >> >> 2) What is considered the best samba option of >> ?? the 3 listed for Sysvol Replication under the Subsection >> ?? titled "Built-in User & Group ID Mappings" in the >> ?? link provided above? > This is very subjective, if you ask 100 Samba users 'which is best', you will > probably get about 150 different answers :-D >> >> 3) Does the backup and the primary need to run the >> ?? same version of samba? > > I think you mean 'Does the DC with all the FSMO roles and any other DC need > to run the same version of Samba' , to which the answer would be: > > Ideally yes, but different versions will work together, just don't try to use > something like 4.1.x and 4.12.x together, it may work, but I would bet there > will be problems.Maybe I am missing something, but what is the secure way to run an automated backup on recent versions of samba? Can samba-tool domain backup be made to use kerberos so I do not need to store an admin password in an unencrypted file? Regards, -- Tom me at tdiehl.org