[Samba] Need help taking over my Windoze Domain

[PHELPS, SCOTT]

Hi again,

My goal here is to 'fdisk' my Windoze PDC, and I think I just need a little more help....

OK, I've susccessfully set up Samba 2.2.8a and OpenLDAP 2.0.27.  I was able to join a XP,NT, and 2000 box to a new "test" domain, and log into it.

Now I want to shut down my WindowsPDC, change my NetBios and workgroup name on my Samba server, and have it take over without anybody knowing it.

I tried this last night, but it didn't work as planned.  I know I need to run 'smbpasswd -S' to get the Domain SID from the WinPDC.  But what else do I need to do... (see Question 3)

Question 1)  Are the smbldap-tools (smbldap-migrate-accounts.pl) capable of importing machine$ SIDs proprely.  Also, why do I have to run smbpasswd <username> even though I have an entry in objectClass=SambaAccount?  Is it a correct conclusion that secrets.tb is needed although you are using LDAP?  I can't fit those pieces together in my brain..   For some reason I have not had good results from these tools.  I always have to create users/machines manually from an self-created LDIF file for Samba to play nice with it LDAP.

Question 2)  Is Samba 3 stable enough to run in a critical production environment.  In reading the posts here I seems that it is more suited to run as a PDC w/LDAP with alot more features.  What are the real-world advantages/problems you have discovered by upgrading.  Opinions welcome!

Question 3) What is the proper way to "take over" a Windows Domain with Samba?

Again, thanks for the input and help!

-- Scott Phelps