[Samba] Samba 4 in production?

Michael Wood esiotrot at gmail.com
Fri Oct 22 12:31:52 MDT 2010 

On 22 October 2010 20:12, Mark Rutherford <mark at lowcountrybilling.com> wrote:
> Hi Michael,
> Thank you for the response.
>
> I have 2 new servers to replace our older cluster with and I am going to
> give Samba 4 a shot at it.

I'm assuming the old ones are Samba 3?  Using OpenLDAP as the backend?

> My issue so far has been user and machine accounts - I can't find any
> documentation or hints to migrate those.

Upgrades/migration from Samba 3 is not finished yet.  It is being
worked on, though.  Search the archives for mentions of myldap-pub.py
which Lukasz Zalewski has been working on.

I assume Lukasz used that script for his migration mentioned here:
http://lists.samba.org/archive/samba-technical/2010-October/074031.html

> When it comes to user accounts I created one and changed the SID to the SID
> on the current domain and that worked fine.
> I did have to rejoin the machine.
> My test environment is running Samba4 as the domain controller and Samba 3
> doing the heavy lifting.

That sounds sensible to me.

> It all seems to work okay, for the most part.
>
> I will probably stress this setup for a few weeks and if I can't break it my
> thoughts are to turn off the old cluster and
> move on with life.
> If I can figure out how to migrate accounts in the meantime, that's a plus.
> When I get this all working as it should I will write up something for the
> samba-technical mailing list.
> Right now Samba 4 seems to work exceptionally well as a plain domain
> controller.
> The only issues I have run into are problems with bind not behaving itself.
> Thanks again for the feedback.
>
> On 10/20/2010 4:53 PM, Michael Wood wrote:
>>
>> On 11 October 2010 22:19, Mark Rutherford<mark at lowcountrybilling.com>
>>  wrote:
>>>
>>>  I have read many stories and testimonials from people that are running
>>> Samba 4 in production.
>>> This encouraged me to try it out in a couple of virtual machines and, as
>>> expected I encountered no problems that
>>> I could not overcome. (mostly DNS setup issues)
>>>
>>> We are running 3.5 right now just as a plain NT4 domain controller with
>>> DRBD
>>> and friends.
>>> This setup has worked for many, many years and the possibility of gaining
>>> AD
>>> is very appealing.
>>>
>>> When I tested Samba 4, I joined a few Samba 3 servers to it and used
>>> resources from those servers without any issues.
>>> How are others using it in production?
>>> Any pitfalls to using Samba 4 in this manner?
>>> Anyone care to share their stories, good or bad?
>>>
>>> Thanks everyone.
>>
>> I'm using it only for authentication of services on a Mac OS X server
>> at the moment.  No workstations, file/print sharing etc.
>>
>> It was a bit of trouble getting the user accounts migrated from Open
>> Directory, but after that hurdle it's been very little trouble.
>>
>> I'm copying samba-technical, since you've not received any other
>> answers on the samba list and the samba-technical list is, for now,
>> still the place to report success/failure/etc. with Samba 4.

-- 
Michael Wood <esiotrot at gmail.com>

More information about the samba-technical mailing list