** You should upgrade to at least 4.4.2 because of the Badlock Bug, released 4-12-2016 **

Backup and Restoring Samba 4.4.0 instructions is on Samba wiki website  https://wiki.samba.org/index.php/Backup_and_Recovery, but I found one minor difference.  I also used SAMBA_INTERNAL as my DNS backend and not using Bind.

** First though, it states from their wiki, this in only draft and might not work. **

Backup:

Backup Samba script isn’t installed but it’s in your source folder.  Mine source folder in the Downloads/samba-4.4.0/ folder.

# sudo cp .../source4/scripting/bin/samba_backup /usr/sbin
# sudo chown root:root /usr/sbin/samba_backup
# sudo chmod 750 /usr/sbin/samba_backup

The default folders and default days in their samba_backup scripts are below and you can change them.

FROMWHERE=/usr/local/samba
WHERE=/usr/local/backups
DAYS=90

Then make the WHERE folder:

# sudo mkdir /usr/local/backups
# sudo chmod 750 /usr/local/backups

Start the backup script for a first test:

#sudo /usr/sbin/samba_backup

If the script exits without an error, you should find three files in the destination folder:

  • etc.{Timestamp}.tar.bz2
  • samba4_private.{Timestamp}.tar.bz2
  • sysvol.{Timestamp}.tar.bz2

If your test backup succeeded, you should add a cron-job for daily backup:

# crontab -e

Add the following line to backup daily at 2am:

0 2 * * *       /usr/sbin/samba_backup

Note: Make sure, when running the script via cron, all required binaries are part of the $PATH variable, as well. If the correct path isn’t defined system-wide, you can either set the variable in your crontab or at the beginning of the script after the shebang (#!) li. 

I have to the add this my CentOS samba_backup after the #! to make crontab work:

PATH=${PATH}:/usr/local/samba/bin:/usr/local/samba/sbin

 

Restore

The following restore guide assumes, that you backed-up your databases with the ‘samba_backup’ script.

Very important notes:

  • Never do a restore and a version change at once! Always restore on a system that uses the same Samba version than the one you created the backup on!
  • Restore on a system with the same IP and Hostname. Otherwise you’ll run into Kerberos and DNS issues.
  • Recommended: Restore on the same OS than where you created the backup.

The most important thing in a restore situation is to bring your system back to a running state. Do changes later, if everything is up and tested. Never together with a restore!

If your whole system is broken, you have first to setup the whole machine like described in the HowTos (Active Directory Controller or Domain Member) or on my blogs how to install Samba AD DC.

Remove the folders, that we will restore (samba must not be running):

# rm -rf /usr/local/samba/etc
# rm -rf /usr/local/samba/private
# rm -rf /usr/local/samba/var/locks/sysvol

Now unpack your latest working backup files to their old location ( I changed the last line):

# cd /usr/local/backups
# tar -jxf etc.{Timestamp}.tar.bz2 -C /usr/local/samba/
# tar -jxf samba4_private.{Timestamp}.tar.bz2 -C /usr/local/samba/
# tar -jxf sysvol.{Timestamp}.tar.bz2 -C /usr/local/samba/var/locks/ /usr/local/samba/

It also states this, but my private directory uses .ldb and .ldb.bak files:

Rename *.ldb.bak files in the ‘private’ directory back to *.ldb. With GNU find and Bash this can be done at once by:

# find /usr/local/samba/private/ -type f -name '*.ldb.bak' -print0 | while read -d $'\0' f ; do mv "$f" "${f%.bak}" ; done

I usually reboot the Samba server after I done, and then check if the Microsoft Windows stations can connect.  If they can, you save the day.  Whew….

 

References:

https://wiki.samba.org/index.php/Backup_and_Recovery

 

Advertisements

One thought on “Backup and Restoring Samba 4.4.0

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s