On 03/26/12 04:56, Arnold Krille wrote:
Hi,
On 03/24/2012 08:09 PM, Simon Matthews wrote:
I currently have a server which is both the PDC for my domain and the
file
server for the network.
I need to split these functions and move the PDC function to another
box,
while leaving the original server as the file server on which home
directories and roaming profiles are stored. User credentials are
stored in
a tdbsam database and I am running Samba 3.5.
I can't comment on the actually samba-internal files as I haven't yet
moved a samba server from one machine to the other.
But as far as my understanding of windows-domains (and the excellent
samba3.5 docs) goes, the pdc has its special role for two things:
providing the login-information and providing at least the
logon-share, maybe even the profiles-share.
So I doubt that you can completely separate your servers. Of course
you can set up a second samba-server (as bdc or normal domain-member)
to provide additional shares. Wouldn't it be easier on your case to
just move some of the shares to the second machine?
Have fun,
Arnold
The best way in this situation to relocate the PDC role to a new machine
is to configure the new machine as a BDC. You can then promote the new
machine to PDC while demoting the original PDC to BDC (or even to a
domain member.) Samba has a user attribute called "Profile Path" -
see "man pdbedit" - you should be able to specify the actual server
used for the profile directory.
I find benefits to having a file server be a DC- there is redundancy
for domain authentication, and the "windows" users are mapped properly
to the "unix" users. I also found I needed to keep the WINS server
role with the PDC- but that may have been because my PDC was newer
version of samba than the BDC's for a while.
But I would agree with Arnold that adding a new file server and not
tinkering with PDC seems easiest.
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
