Link de auxílio:
https://wiki.samba.org/index.php/Dbcheck
https://wiki.samba.org/index.php/Back_up_and_Restoring_a_Samba_AD_DC
https://wiki.samba.org/index.php/Using_the_samba_backup_script
https://wiki.samba.org/index.php/Domain_rename_tool
Para este backup, estamos considerando que seu servidor está instalado e operando em condições normais. Esta página descreve a criação de um backup no Samba v4.9 em diante.
# samba-tool domain backup online --targetdir=/root/backup --server=dc1.mundobsd.local -UAdministrator
– Explicação do comando:
--targetdir=/root/backup : diretório onde você irá salvar o bakcup --server=dc1.mundobsd.local : nome do servidor de domínio que será realizado o backup da base -UAdministrator : usuário, será necessário informar a senha de administrador
OBS: Se tudo estiver correto, o comando será executado sem nenhum erro.
# cd /root/backup # ls -l total 3934 -rw-r--r-- 1 root wheel 1335879 Jul 17 11:32 samba-backup-mundobsd.local-2023-07-17T11-32-16.809635.tar.bz2
# samba-tool domain backup restore --backup-file=/root/backup/samba-backup-mundobsd.local-2023-07-17T11-32-16.809635.tar.bz2 --targetdir=/var/db/samba4 --newservername=dc4.mundobsd.local Adding new DC to site 'Default-First-Site-Name' Updating basic smb.conf settings... Creating account with SID: S-1-5-21-3133508150-1414736299-1014525263-2101 Adding CN=DC4.MUNDOBSD.LOCAL,OU=Domain Controllers,DC=mundobsd,DC=local Adding CN=DC4.MUNDOBSD.LOCAL,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=mundobsd,DC=local Adding CN=NTDS Settings,CN=DC4.MUNDOBSD.LOCAL,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=mundobsd,DC=local Adding SPNs to CN=DC4.MUNDOBSD.LOCAL,OU=Domain Controllers,DC=mundobsd,DC=local Setting account password for DC4.MUNDOBSD.LOCAL$ Enabling account Seizing rid FSMO role... FSMO seize of 'rid' role successful Seizing pdc FSMO role... FSMO seize of 'pdc' role successful Seizing naming FSMO role... FSMO seize of 'naming' role successful Seizing infrastructure FSMO role... FSMO seize of 'infrastructure' role successful Seizing schema FSMO role... FSMO seize of 'schema' role successful Removing nTDSDSA: CN=NTDS Settings,CN=DC3.MUNDOBSD.LOCAL,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=mundobsd,DC=local (and any children) Removing RID Set: CN=RID Set,CN=DC3.MUNDOBSD.LOCAL,OU=Domain Controllers,DC=mundobsd,DC=local Removing computer account: CN=DC3.MUNDOBSD.LOCAL,OU=Domain Controllers,DC=mundobsd,DC=local (and any child objects) Removing Sysvol reference: CN=DC3.MUNDOBSD.LOCAL,CN=Enterprise,CN=Microsoft System Volumes,CN=System,CN=Configuration,DC=mundobsd,DC=local Removing Sysvol reference: CN=DC3.MUNDOBSD.LOCAL,CN=mundobsd.local,CN=Microsoft System Volumes,CN=System,CN=Configuration,DC=mundobsd,DC=local Removing Sysvol reference: CN=DC3.MUNDOBSD.LOCAL,CN=Domain System Volumes (SYSVOL share),CN=File Replication Service,CN=System,DC=mundobsd,DC=local Removing Sysvol reference: CN=DC3.MUNDOBSD.LOCAL,CN=Topology,CN=Domain System Volume,CN=DFSR-GlobalSettings,CN=System,DC=mundobsd,DC=local Fixing up any remaining references to the old DCs... Backup file successfully restored to /var/db/samba4 Please check the smb.conf settings are correct before starting samba.
– Se tudo estiver correto, você receberá as mensagens parecidas às minhas.
Explicando o comando:
--backup-file=/root/backup/samba-backup-mundobsd.local-2023-07-17T11-32-16.809635.tar.bz2 : arquivo de backup, caminho completo --targetdir=/var/db/samba4 : diretório onde os arquivos da base do samba serão salvos (diretório padrão no FreeBSD) --newservername=dc4.mundobsd.local : nome do novo DC
# cd /var/db/samba4/etc/ # cp smb.conf /usr/local/etc/smb4.conf
# chmod 0755 /var/db/samba4/
# /usr/local/etc/rc.d/samba_server start
# # samba-tool dbcheck Checking 276 objects NOTE: old (due to rename or delete) DN string component for rIDSetReferences in object CN=DC3.MUNDOBSD.LOCAL\0ADEL:0c87435b-8219-4add-aeec-bc01c1894d58,CN=Deleted Objects,DC=mundobsd,DC=local - CN=RID Set,CN=DC3.MUNDOBSD.LOCAL,OU=Domain Controllers,DC=mundobsd,DC=local Not fixing old string component Checked 276 objects (0 errors)
OBS: No meu caso não há erros, porém há algumas entradas referentes ao antigo servidor (dc3), para corrigir use o comando abaixo:
# samba-tool dbcheck --cross-ncs --fix --yes Checking 3707 objects NOTE: old (due to rename or delete) DN string component for rIDSetReferences in object CN=DC3.MUNDOBSD.LOCAL\0ADEL:0c87435b-8219-4add-aeec-bc01c1894d58,CN=Deleted Objects,DC=mundobsd,DC=local - CN=RID Set,CN=DC3.MUNDOBSD.LOCAL,OU=Domain Controllers,DC=mundobsd,DC=local Change DN to <GUID=fb7cad1a-483c-44ec-9804-dc6fdb1545da>;CN=RID Set\0ADEL:fb7cad1a-483c-44ec-9804-dc6fdb1545da,CN=Deleted Objects,DC=mundobsd,DC=local? [YES] Fixed old DN string on attribute rIDSetReferences Checked 3707 objects (0 errors)
# samba-tool dbcheck Checking 276 objects Checked 276 objects (0 errors)