Rowland Penny
2025-Feb-27 18:58 UTC
[Samba] How to safely rejoin an upgraded linux domain member?
On Thu, 27 Feb 2025 17:04:18 +0000 Luis Peromarta via samba <samba at lists.samba.org> wrote:> The leave / join process of a samba server is straight forward and > should give no grief. > > Build the new server, sync the data with rsync -AXavz (will preserve > all xattr) from old to new (with old server running and in ops) also > sync the smb.conf file. I understand shares will be equal if not > update smb.conf. On transition day advise of downtime, do a final > rsync (should be quick). > > Stop samba, remove smb.conf and power off old server. > > Join the new server with same name. Users should not notice theI would think the only possible way of anything noticing is if the computers SID is used in a search. Even though everything is the same, leaving the domain and joining again will mean the computer being treated as a new machine with a new SID. Rowland
Jakob Curdes
2025-Feb-28 07:57 UTC
[Samba] How to safely rejoin an upgraded linux domain member?
Am 27.02.2025 um 19:58 schrieb Rowland Penny via samba:> On Thu, 27 Feb 2025 17:04:18 +0000 > Luis Peromarta via samba <samba at lists.samba.org> wrote: > >> The leave / join process of a samba server is straight forward and >> should give no grief. >> >> Build the new server, sync the data with rsync -AXavz (will preserve >> all xattr) from old to new (with old server running and in ops) also >> sync the smb.conf file. I understand shares will be equal if not >> update smb.conf. On transition day advise of downtime, do a final >> rsync (should be quick). >> >> Stop samba, remove smb.conf and power off old server. >> >> Join the new server with same name. Users should not notice the > I would think the only possible way of anything noticing is if the > computers SID is used in a search. Even though everything is the same, > leaving the domain and joining again will mean the computer being > treated as a new machine with a new SID. > > RowlandOk, thank you both very much for confirming, that is what I thought. Maybe we could write this down somewhere in the wiki. I once had access, I think,? but need to dig for the credentials. Regards, Jakob