On 20/02/2021 13:51, Anders ?stling wrote:> I have a question regarding the correct procedure for cloning a domain
> member with Samba.
>
> The background is that I have, in my lab, an existing SRV03 with
> Samba, using two virtual disks, systemdisk in qcow2 and datadisk in
> img format. The reason is that I will attempt to have a redundant file
> server stand-by with replicated data.
>
> I cloned SRV03 to SRV04
> Booted up SRV04
> I shutdown smbd and winbind on SRV04 and left the domain
> Then I deleted all .tlb and .tdb files
> Rebooted and joined the domain (no error, DNS was also updated)
> Started smbd and winbind, services running and shares are displayed
> using smbclient -L localhost
I take it you do not have the 'netbios name' parameter in the smb.conf
files.
>
> Now the funny thing
>
> wbinfo -g and wbinfo -u shows the same information on both nodes (real
> user and group names)
A bit meaningless on a Unix domain member, they just prove that users &
groups are in AD, they do not show that they are known to Unix. You need
to use 'getent', 'getent passwd AUSERNAME' should show the Unix
info for
the user 'AUSERNAME' and 'getent group AGROUPNAME' should show
the Unix
info for the group 'AGROUPNAME'.
>
> From a Windows client, folders on a share on the old SRV03 has the
> correct security groups listed
> Mapped the same share on SRV04, but now the group names are NOT
> listed, instead there are numeric groups shown.
This is strange, if you removed all the .ldb & .tdb files and then left
the domain and rejoined as a new Unix domain member, it should work.
You cloned SRV03, how ?
Did you shutdown SRV03 before you started SRV04 ?
Did you stop Samba (also stop it starting at boot) and then change the
hostname and ipaddress, then reboot ?
At this point, you wouldn't need to leave the domain because this
machine wouldn't be joined to the domain. Now you could remove the .ldb
& .tdb files, join the domain and start Samba.
Everything on SRV04 should now work just like SRV03 (which you could now
restart).
Rowland