Web lists-archives.com

Re: [Samba] AD Backup Best Practice






On 10.02.2019 14:13, Viktor Trojanovic via samba wrote:
I'm currently reviewing my own backup strategy for Samba and I realize it
is not in line with best practices provided in the Wiki. (
https://wiki.samba.org/index.php/Back_up_and_Restoring_a_Samba_AD_DC) Said
best practices, however, seem a bit like a nightmare to me.

Assuming the AD is gone and you want to restore just one DC, and you want
things to look just as they did before the crash, the process according to
the Wiki looks as follows:

1. Install a Samba DC on a new (!) temporary host and provision the domain,
just like you would when doing a new install from scratch. That task alone
is tremendous.
2. Stop Samba and restore the AD from backup to this domain not (!) into
the default Samba folder, advise Samba accordingly when starting it.
3. On the original host, set up a Samba DC and join the domain.
4. If GPO or scripts exist on sysvol, manually set up sysvol replication to
get them to the original DC.
5. Remove the temporary host.

Just... wow. :)

Isn't there a simpler way of doing this? Namely, if all the restore
operations are done offline anyway, why is it frowned upon to simply do
everything on the original DC, i.e. forgo the temporary host, overwrite the
configuration files (/etc/samba) and the local Samba folder (e.g.
/var/lib/samba) with what's in the backup and be done with it? What's the
difference between doing this and just restoring the whole machine running
the DC bit for bit (dd backup and restore)?

Viktor
Hi folks,

Thanks for bringing this up Viktor!

I have got a bit of a bad conscience here. I have got a small domain, with around 10 users, and infrequent changes, and the AD DC resides on a virtual machine. A VM copy is what I do now and then. Hopefully it's sufficient...

Best regards,

Peter



--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba