Re: [Samba] Suggestions for moving a PDC function
Hi, On 03/24/2012 08:09 PM, Simon Matthews wrote: I currently have a server which is both the PDC for my domain and the file server for the network. I need to split these functions and move the PDC function to another box, while leaving the original server as the file server on which home directories and roaming profiles are stored. User credentials are stored in a tdbsam database and I am running Samba 3.5. I can't comment on the actually samba-internal files as I haven't yet moved a samba server from one machine to the other. But as far as my understanding of windows-domains (and the excellent samba3.5 docs) goes, the pdc has its special role for two things: providing the login-information and providing at least the logon-share, maybe even the profiles-share. So I doubt that you can completely separate your servers. Of course you can set up a second samba-server (as bdc or normal domain-member) to provide additional shares. Wouldn't it be easier on your case to just move some of the shares to the second machine? Have fun, Arnold -- bcs kommunikationslösungen Inh. Carsten Burkhardt Harz 51 * 06108 Halle tel +49 345 29849-0 fax +49 345 29849-22 mailto:i...@b-c-s.de http://www.b-c-s.de -- Sent from our Linuxterminalserver. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Suggestions for moving a PDC function
On 03/26/12 04:56, Arnold Krille wrote: Hi, On 03/24/2012 08:09 PM, Simon Matthews wrote: I currently have a server which is both the PDC for my domain and the file server for the network. I need to split these functions and move the PDC function to another box, while leaving the original server as the file server on which home directories and roaming profiles are stored. User credentials are stored in a tdbsam database and I am running Samba 3.5. I can't comment on the actually samba-internal files as I haven't yet moved a samba server from one machine to the other. But as far as my understanding of windows-domains (and the excellent samba3.5 docs) goes, the pdc has its special role for two things: providing the login-information and providing at least the logon-share, maybe even the profiles-share. So I doubt that you can completely separate your servers. Of course you can set up a second samba-server (as bdc or normal domain-member) to provide additional shares. Wouldn't it be easier on your case to just move some of the shares to the second machine? Have fun, Arnold The best way in this situation to relocate the PDC role to a new machine is to configure the new machine as a BDC. You can then promote the new machine to PDC while demoting the original PDC to BDC (or even to a domain member.) Samba has a user attribute called Profile Path - see man pdbedit - you should be able to specify the actual server used for the profile directory. I find benefits to having a file server be a DC- there is redundancy for domain authentication, and the windows users are mapped properly to the unix users.I also found I needed to keep the WINS server role with the PDC- but that may have been because my PDC was newer version of samba than the BDC's for a while. But I would agree with Arnold that adding a new file server and not tinkering with PDC seems easiest. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Suggestions for moving a PDC function
I currently have a server which is both the PDC for my domain and the file server for the network. I need to split these functions and move the PDC function to another box, while leaving the original server as the file server on which home directories and roaming profiles are stored. User credentials are stored in a tdbsam database and I am running Samba 3.5. Does anyone have any pointers on what to move and any potential pitfalls in the process? I have always used the same machine for both the PDC and file server, so this is somewhat unknown territory for me. I assume that the file server will still run samba, and I will change the domain master = and domain logins = to no in both cases. Also security = should be set to security = domain and add set up a machine account on the file server which is then joined to the domain? What files need to be moved to the new samba server? I see that there are files in /var/cache/samba (it's a Gentoo system) which I assume also have to be put into the proper place on the new server. Is there anything else I need to look for. Many thanks for any suggestions. Simon -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
