Author Topic: Promote additional DC to main without loosing users?  (Read 112 times)

kcurtis

  • Zen Apprentice
  • *
  • Posts: 22
  • Karma: +1/-0
    • View Profile
Promote additional DC to main without loosing users?
« on: December 03, 2018, 02:05:39 pm »
I have 3 Zentyal boxes (6.0.1, 5.1.1, 6.0.1) Our main DC crashed and I loaded a new one but it came up also as additional. When I go to change it to the main Domain Controller it says the database will be reprovisioned and all computers will need to rejoin the domain.

Is this true? Will I need to go to every workstation, remove them from the domain, rejoin them? Or is that saying I will need to just reboot them?

Also, promoting it will keep all user accounts correct?
« Last Edit: December 03, 2018, 02:09:34 pm by kcurtis »

BerT666

  • Zen Warrior
  • ***
  • Posts: 198
  • Karma: +5/-0
    • View Profile
Re: Promote additional DC to main without loosing users?
« Reply #1 on: December 04, 2018, 12:35:50 pm »
Hi, I think there is no "Zentyal way" to promote a Server to the primary...

You could assign the FSMO roles to another server :-)
The sad thing is, there is (as far as I know) no sync of the SYSVOL folder...

Regards

Thomas

kcurtis

  • Zen Apprentice
  • *
  • Posts: 22
  • Karma: +1/-0
    • View Profile
Re: Promote additional DC to main without loosing users?
« Reply #2 on: December 04, 2018, 01:10:37 pm »
So even if I roll out another server and make it the primary it will never pull the users, passwords and computers?

No backup - restore users option?

basselope

  • Zen Apprentice
  • *
  • Posts: 20
  • Karma: +1/-0
    • View Profile
Re: Promote additional DC to main without loosing users?
« Reply #3 on: December 04, 2018, 03:04:35 pm »
Once you have sorted out the situation, check https://wiki.samba.org/index.php/Rsync_based_SysVol_replication_workaround  : the lack of SYSVOL replication is not a Zentyal issue but a basic samba limitation.

Hopefully it will be implemented at some point but that link explains how to configure it manually.

BerT666

  • Zen Warrior
  • ***
  • Posts: 198
  • Karma: +5/-0
    • View Profile
Re: Promote additional DC to main without loosing users?
« Reply #4 on: December 06, 2018, 10:37:20 am »
... you can only add more DCs as aditional ones...
You wrote, you have 3 Zentyal boxes as DCs (?), so normally, the users (passwords,...) are still there.

But do not use "main DC" unless you really want to recreate the domain

kcurtis

  • Zen Apprentice
  • *
  • Posts: 22
  • Karma: +1/-0
    • View Profile
Re: Promote additional DC to main without loosing users?
« Reply #5 on: December 06, 2018, 01:10:26 pm »
So if we have/had 3 DC and right now all 3 are set to additional and seem to be handing out logins correctly what problems am I looking at in the future without having any set as the prime?

BerT666

  • Zen Warrior
  • ***
  • Posts: 198
  • Karma: +5/-0
    • View Profile
Re: Promote additional DC to main without loosing users?
« Reply #6 on: December 07, 2018, 09:26:07 am »
I belive there would be no side effect, at least when you moved /seized the FSMO Roles between the "still living" servera...

Since you need a working SYSVOL for GPOs, I suggest that you take a look at the "samba Issue" regarding its replication. If you do not need SYSVOL, all should be fine

Regards

BerT
« Last Edit: December 07, 2018, 09:28:02 am by BerT666 »

ovecka

  • Zen Apprentice
  • *
  • Posts: 10
  • Karma: +1/-0
    • View Profile
Re: Promote additional DC to main without loosing users?
« Reply #7 on: December 09, 2018, 04:46:26 pm »
There were issues for me when I transferred all FSMO roles to Zenyal's ADC, copied the sysvol directory and shut the PDC for good.
The GUI still thinks it's an ADC. That means that I am unable to activate Roaming profiles and set the home directory letter via the GUI and when I create a new user there, the profile path and home directory aren't properly mapped. Since then, I have been forced to create all new user's links through Windows' RSAT. Unfortunately, I hadn't found any solution to the problem and eventually gave up.

I forgot to mention that all the other domain functions work well, incl. user authentication, samba shares, GPOs,...
« Last Edit: December 09, 2018, 04:49:19 pm by ovecka »

Neustradamus

  • Zen Monk
  • **
  • Posts: 63
  • Karma: +0/-2
    • View Profile
Re: Promote additional DC to main without loosing users?
« Reply #8 on: December 09, 2018, 08:20:20 pm »

 

mailcat