Univention Bugzilla – Bug 30216
Best Practice Backup/Restore Samba4 DCs
Last modified: 2020-07-02 17:20:28 CEST
Requested in Ticket#: 2013011121000717 There should be a documentation how a consistent filesystem backup of UCS DC with Samba4 can be done and how a restore is possible without risk of data corruption in connection with DRS (AD replication) and Sysvol replication. Recommendations might be: Backup: - stop Samba4, Bind and Openldap to ensure database consitency Restore: - if the system is not the only Samba4 DC, do a desaster recovery without network connection, stop Samba4, restore the network connection and rejoin Samba4 or do a univention-join
https://wiki.samba.org/index.php/Backup_and_Recovery
Created attachment 5787 [details] backup_samba4.sh initial version There are quite a number of steps to be considered for recovery, so maybe it would be good to provide a script like the one attached, which takes the user and asks step by step for confirmation about the suggested next step. Samba upstream provides a somewhat more basic version of this, which we currently don't install in UCS. On backup the attached script * stops the UCS services * stores xattrs for the SYSVOL files * tars everything in /etc/samba and /var/lib/samba (e.g. printer drivers) * saves the state of the S4-Connector (internal.sqlite and the pickle files) * restarts the services On recovery the script * stops the UCS services * restores the files in the backup-archive selected * restores the sysvol xattrs * optionally generates a new invocationID for the database of the local server (to be tested, this should help avoiding USN rollback issues) * optionally ucr commits the standard smb.conf and base.conf * optionally starts the services again
Changes and improvements for SDB entries aren't tracked in Bugzilla anymore, so I close these entries. Please comment on help.univention.com or get in touch with the Univention Support team in case you have any suggestions for the SDB.