On 16/12/2020 17:22, Marco Gaiarin via samba wrote:> In my adventure with Samba/AD i've done the 'wrong thing', eg i've used > a container (LXC) for DCs. > Now i want to fix that, moving from LXC to a plain VM. > > OK, i can bring up a new set of DCs, join them, and then tear down the > old.This probably should work, only way to find out is to try it. Create a new VM and try and join it to your AD domain as a DC. If it works (and I can see no reason why it shouldn't) then transfer all the FSMO roles to the DC running in the VM, demote all the other DC's and shut them down, never to restart them.> But because containers and VMs is both debian with Lois package, can i > simply 'copy over' configuration files and 'var' files from the container > to the VMs? > > I think will suffices to copy: > > /etc/samba > /etc/bind > /etc/krb5.conf > /etc/ntp.conf > /etc/nsswitch.conf > /var/lib/samba > /var/spool/samba > /var/log/sambaWhilst that 'may' work, you would have to clone everything else (hostname, ipaddress, etc) and will undoubtedly be fraught with numerous dangers, I would only attempt this as a last resort. You could also try backing up the domain with the samba-tool backup tools and then restoring to a new DC in a VM. Rowland
I do have a question that probably fits nicely... rather than starting from scratch with a new DC I?d like to clone an existing DC (with network turned off, samba-ad-dc stopped and disabled) and join that after changing the host name etc. I assume the list below -- suffices to copy -- that include samba in the path are exactly the directories I should consider to clean before joining, correct? Any others? Thanks, Joachim -----Urspr?ngliche Nachricht----- Von: samba <samba-bounces at lists.samba.org> Im Auftrag von Rowland penny via samba Gesendet: Wednesday, 16 December 2020 18:36 An: samba at lists.samba.org Betreff: Re: [Samba] Moving a DC... On 16/12/2020 17:22, Marco Gaiarin via samba wrote:> In my adventure with Samba/AD i've done the 'wrong thing', eg i've > used a container (LXC) for DCs. > Now i want to fix that, moving from LXC to a plain VM. > > OK, i can bring up a new set of DCs, join them, and then tear down the > old.This probably should work, only way to find out is to try it. Create a new VM and try and join it to your AD domain as a DC. If it works (and I can see no reason why it shouldn't) then transfer all the FSMO roles to the DC running in the VM, demote all the other DC's and shut them down, never to restart them.> But because containers and VMs is both debian with Lois package, can i > simply 'copy over' configuration files and 'var' files from the > container to the VMs? > > I think will suffices to copy: > > /etc/samba > /etc/bind > /etc/krb5.conf > /etc/ntp.conf > /etc/nsswitch.conf > /var/lib/samba > /var/spool/samba > /var/log/sambaWhilst that 'may' work, you would have to clone everything else (hostname, ipaddress, etc) and will undoubtedly be fraught with numerous dangers, I would only attempt this as a last resort. You could also try backing up the domain with the samba-tool backup tools and then restoring to a new DC in a VM. Rowland -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Mandi! Rowland penny via samba In chel di` si favelave...> This probably should work, only way to find out is to try it. Create a new > VM and try and join it to your AD domain as a DC. If it works (and I can see > no reason why it shouldn't) then transfer all the FSMO roles to the DC > running in the VM, demote all the other DC's and shut them down, never to > restart them.I prefere NOT to do this because this will involve changing on al other network setup server names and DNS, so i'm asking a 'in place' (same name, same IP) move.> You could also try backing up the domain with the samba-tool backup tools > and then restoring to a new DC in a VM.Oh! Never minded about that! Thanks for the hint! -- dott. Marco Gaiarin GNUPG Key ID: 240A3D66 Associazione ``La Nostra Famiglia'' http://www.lanostrafamiglia.it/ Polo FVG - Via della Bont?, 7 - 33078 - San Vito al Tagliamento (PN) marco.gaiarin(at)lanostrafamiglia.it t +39-0434-842711 f +39-0434-842797 Dona il 5 PER MILLE a LA NOSTRA FAMIGLIA! http://www.lanostrafamiglia.it/index.php/it/sostienici/5x1000 (cf 00307430132, categoria ONLUS oppure RICERCA SANITARIA)
> > I prefere NOT to do this because this will involve changing on al other > network setup server names and DNS, so i'm asking a 'in place' (same > name, same IP) move.https://www.man42.net/blog/2017/07/how-to-migrate-a-debian-server/ thats the long and most save version. the quicker that works i've already posted that on thu 15-12-2020 9:15 [Samba] Cloning Samba equipped VM That works fine. Greetz, Louis