[Samba] Samba 4 in production?

Fri Oct 22 15:24:23 MDT 2010

Adding samba-technical back into the Cc.

On 22 October 2010 21:52, Mark Rutherford <mark at lowcountrybilling.com> wrote:
> Yes old servers are Samba 3 with OpenLDAP backend.
> I saw the script 'myldap-pub.py' mentioned but I never could find it.
> Google turned up a few links that had a link to the attachment but they were
> all broken links.
> I was hoping to give it a whirl, unless you know where I can find it?
> The mailing list seems to have scrubbed it from all emails.

I believe this is the latest version.  It is Stefan Metzmacher's
original script with Lukasz' myldap-pub-7.diff applied.

> On 10/22/2010 2:31 PM, Michael Wood wrote:
>>
>> On 22 October 2010 20:12, Mark Rutherford<mark at lowcountrybilling.com>
>>  wrote:
>>>
>>> Hi Michael,
>>> Thank you for the response.
>>>
>>> I have 2 new servers to replace our older cluster with and I am going to
>>> give Samba 4 a shot at it.
>>
>> I'm assuming the old ones are Samba 3?  Using OpenLDAP as the backend?
>>
>>> My issue so far has been user and machine accounts - I can't find any
>>> documentation or hints to migrate those.
>>
>> Upgrades/migration from Samba 3 is not finished yet.  It is being
>> worked on, though.  Search the archives for mentions of myldap-pub.py
>> which Lukasz Zalewski has been working on.
>>
>> I assume Lukasz used that script for his migration mentioned here:
>> http://lists.samba.org/archive/samba-technical/2010-October/074031.html
>>
>>> When it comes to user accounts I created one and changed the SID to the
>>> SID
>>> on the current domain and that worked fine.
>>> I did have to rejoin the machine.
>>> My test environment is running Samba4 as the domain controller and Samba
>>> 3
>>> doing the heavy lifting.
>>
>> That sounds sensible to me.
>>
>>> It all seems to work okay, for the most part.
>>>
>>> I will probably stress this setup for a few weeks and if I can't break it
>>> my
>>> thoughts are to turn off the old cluster and
>>> move on with life.
>>> If I can figure out how to migrate accounts in the meantime, that's a
>>> plus.
>>> When I get this all working as it should I will write up something for
>>> the
>>> samba-technical mailing list.
>>> Right now Samba 4 seems to work exceptionally well as a plain domain
>>> controller.
>>> The only issues I have run into are problems with bind not behaving
>>> itself.
>>> Thanks again for the feedback.
>>>
>>> On 10/20/2010 4:53 PM, Michael Wood wrote:
>>>>
>>>> On 11 October 2010 22:19, Mark Rutherford<mark at lowcountrybilling.com>
>>>>  wrote:
>>>>>
>>>>>  I have read many stories and testimonials from people that are running
>>>>> Samba 4 in production.
>>>>> This encouraged me to try it out in a couple of virtual machines and,
>>>>> as
>>>>> expected I encountered no problems that
>>>>> I could not overcome. (mostly DNS setup issues)
>>>>>
>>>>> We are running 3.5 right now just as a plain NT4 domain controller with
>>>>> DRBD
>>>>> and friends.
>>>>> This setup has worked for many, many years and the possibility of
>>>>> gaining
>>>>> AD
>>>>> is very appealing.
>>>>>
>>>>> When I tested Samba 4, I joined a few Samba 3 servers to it and used
>>>>> resources from those servers without any issues.
>>>>> How are others using it in production?
>>>>> Any pitfalls to using Samba 4 in this manner?
>>>>> Anyone care to share their stories, good or bad?
>>>>>
>>>>> Thanks everyone.
>>>>
>>>> I'm using it only for authentication of services on a Mac OS X server
>>>> at the moment.  No workstations, file/print sharing etc.
>>>>
>>>> It was a bit of trouble getting the user accounts migrated from Open
>>>> Directory, but after that hurdle it's been very little trouble.
>>>>
>>>> I'm copying samba-technical, since you've not received any other
>>>> answers on the samba list and the samba-technical list is, for now,
>>>> still the place to report success/failure/etc. with Samba 4.

-- 
Michael Wood <esiotrot at gmail.com>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: myldap-pub.py
Type: text/x-python
Size: 58688 bytes
Desc: not available
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20101022/16f49495/attachment.py>