create second samba4 active directory domain controller for backup

ubuntu domain directory samba4 controller
5,865

Solution 1

Active directory knows the concept of multiple DCs replicating in a multi-master fashion. That means that you can add additional DCs to your existing domain. See the full instructions on the Samba Wiki.

In this setup, all DCs for the domain will be active simultaneously, and clients will use all of them. If one DC fails, the clients will simply continue to use the other DC(s). If a DC should be taken out of the domain, the process is called demotion of the DC. There are also notes for that on the Samba Wiki.

Note that the replication that is currently impemented with Samba only treats the directory data, not file share data. While there are file replication mechanisms in Windows, these are not fully implemented in Samba yet. If you want to do serious file sharing, you may want to do that not on the DCs but on additional Samba servers that are members of the domain. You would then make the file server highly available by establishing a backup of the data to a different server that is configured to take over the file server role if the productive file server fails. (Alternatively, a clustered/distributed file system could be used to store the file server data and samba could be clustered with CTDB, but that might be an overkill for your purposes.)

Solution 2

When you set up your first DC with Samba4, the term used is that you "provision" the domain. Among other things, provisioning creates the databases Samba uses.

Then when you add another DC (and you should have at least 2) you install Samba on it, configure it to use the first DC as its nameserver, and then join the domain. This will replicate the databases to the new DC and allow it to validate logins, etc. As mentioned in the other answer, the Samba wiki has instructions for joining another DC.

When you add another DC, be sure to follow the step labelled "GID mappings of built-in groups." One of the tricky things with Samba4 is getting all the mapping of UIDs/GIDs to work properly and with DCs you really want to do that step.

Unlike Windows Servers, Samba doesn't replicated the contents of the sysvol folder among DCs. If you want to use GPOs (which are stored under sysvol), you'll have to set up something to sync them yourself.

Finally a warning: demoting your first DC - which will hold the 5 (or 7, depending on how you count) FSMO roles - is problematic.

Share:
5,865

Related videos on Youtube

testuser
Author by

testuser

Updated on September 18, 2022

Comments

  • testuser
    testuser almost 2 years

    I built up a samba4 active directory domain controller on ubuntu 14.04 and everything is working fine. The Windows clients can log in and do stuff. So far so good.

    However, in case of emergency, I want to have a second samba4 ad dc, which will take the place of the first one. Both should be "identically" concerning functionallity and data up-to-dateness.

    Is it possible to run two samba4 ad dc servers parallel, which are communicating with each other, and if one goes down, the other one is replacing the "main" server ? If so, how to achieve this goal? Any suggestions?

    Thank you in advance

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

Multiple Document Roots based on directory?
Is there a way to empty the trash/wastebasket from the command line?
How to move a file to /usr/local in Ubuntu?
inotifywait different action on file or dir
How can I rename all files in the current directory having a particular extension to another extension?
Why am I unable to reach local network computers, but able to browse the web?
Commands for successful domain controller replication on Ubuntu / Samba4 / Zentyal
How can I learn that a "net user /domain" command was used.
Domain controller malfunction
Allowing windows machines to ping Linux Box by Hostname