[Samba] Samba 4 in production?
lukas at eecs.qmul.ac.uk
Fri Oct 22 13:42:24 MDT 2010
Hi Michael, Mark, all
On 22/10/2010 19:31, Michael Wood wrote:
> On 22 October 2010 20:12, Mark Rutherford<mark at lowcountrybilling.com> wrote:
>> Hi Michael,
>> Thank you for the response.
>> I have 2 new servers to replace our older cluster with and I am going to
>> give Samba 4 a shot at it.
> I'm assuming the old ones are Samba 3? Using OpenLDAP as the backend?
>> My issue so far has been user and machine accounts - I can't find any
>> documentation or hints to migrate those.
> Upgrades/migration from Samba 3 is not finished yet. It is being
> worked on, though. Search the archives for mentions of myldap-pub.py
> which Lukasz Zalewski has been working on.
> I assume Lukasz used that script for his migration mentioned here:
That is correct - i have used the above script to import most of my
users and computers from s3 (with OpenLDAP backend) to the new s4 domain
(and keep using it to add new arrivals)
Metze is currently reviewing the changes i have made to his original
script, so hopefully soon this script will become part of s4. In essence
the script will allow you to move the whole domain across (you will
provision s4 with the original s3 domain SID and then move
users/computers/groups acroos), or move all/selected users across to the
>> When it comes to user accounts I created one and changed the SID to the SID
>> on the current domain and that worked fine.
>> I did have to rejoin the machine.
>> My test environment is running Samba4 as the domain controller and Samba 3
>> doing the heavy lifting.
> That sounds sensible to me.
>> It all seems to work okay, for the most part.
>> I will probably stress this setup for a few weeks and if I can't break it my
>> thoughts are to turn off the old cluster and
>> move on with life.
>> If I can figure out how to migrate accounts in the meantime, that's a plus.
>> When I get this all working as it should I will write up something for the
>> samba-technical mailing list.
>> Right now Samba 4 seems to work exceptionally well as a plain domain
>> The only issues I have run into are problems with bind not behaving itself.
>> Thanks again for the feedback.
>> On 10/20/2010 4:53 PM, Michael Wood wrote:
>>> On 11 October 2010 22:19, Mark Rutherford<mark at lowcountrybilling.com>
>>>> I have read many stories and testimonials from people that are running
>>>> Samba 4 in production.
>>>> This encouraged me to try it out in a couple of virtual machines and, as
>>>> expected I encountered no problems that
>>>> I could not overcome. (mostly DNS setup issues)
>>>> We are running 3.5 right now just as a plain NT4 domain controller with
>>>> and friends.
>>>> This setup has worked for many, many years and the possibility of gaining
>>>> is very appealing.
>>>> When I tested Samba 4, I joined a few Samba 3 servers to it and used
>>>> resources from those servers without any issues.
>>>> How are others using it in production?
>>>> Any pitfalls to using Samba 4 in this manner?
>>>> Anyone care to share their stories, good or bad?
>>>> Thanks everyone.
>>> I'm using it only for authentication of services on a Mac OS X server
>>> at the moment. No workstations, file/print sharing etc.
>>> It was a bit of trouble getting the user accounts migrated from Open
>>> Directory, but after that hurdle it's been very little trouble.
>>> I'm copying samba-technical, since you've not received any other
>>> answers on the samba list and the samba-technical list is, for now,
>>> still the place to report success/failure/etc. with Samba 4.
More information about the samba-technical