[Samba] Migration to 3.0 with LDAP

Kevin Fries kevin-nntp at hcico.com
Thu Dec 4 20:59:50 GMT 2003


I need to try and  kill two birds with one stone, and I want to make sure I
don't do something stupid (something I excel at, lol)

We are currently running RH 7.2 with Samba 2.2.7.  Since 7.2 is being EOL'd
at the end of the year, and I am less than impressed with 9, I am going to
need to upgrade our server and I am seriously considering a switch of
distros at the same time.

To facilitate the move, I have a backup server ready with RH9 ready to take
over the PDC role, now all I need to do is install the software and
transfer control.

At the same time, I would like to move the accounts from the normal SMB
password database, to LDAP.  So here is the plan that I came up with:

  x Install RH9 on backup server and allow it to authenticate against
    the LDAP Server

  x Replicate the LDAP server to the new RH9 machine

  x Adjust all /etc/ldap.conf files on all Linux machines to begin taking
    its account (posixAccount/posixGroup) information from new RH9 machine.

  4 Install Samba 3.0 with LDAP support

  5 Transfer all accounts from old server (smbpasswd) to new RH9 server
    (LDAP)

  6 Transfer PDC to new RH9 machine keeping same name and domain information

  7 Rebuild old server with new distro

  8 Install Samba as BDC with LDAP support and point its database to the one
    on the temporary server.

  9 Swap roles of PDC and BDC, then remove Samba from temporary server.

There are other issues such as transferring the file shares and printer
definitions, but those are minor compared to making the transition as
seamless as possible.  I would prefer to make the temporary server use the
same "Computer Name" as the current server so as to not disrupt any shares
that are currently mapped on my Win98 and 2000 machines.

Can anyone give me advice and/or warnings to help me make this transition
completely transparent to my end users?

Thanks in advance
Kevin Fries





More information about the samba mailing list