[Samba] Converting a school district to Samba DCs

Geoff Scott geoffs at guestshire.com
Wed Jul 13 07:14:03 GMT 2005

Bill Greene wrote:
> I'm helping a small grade school district convert to Samba servers,
> more specifically, replace the existing NT domain controllers.

JHT has written a specific chapter on migrating NT4 to Samba in the Samba
Guide.  I would gather that you may have already read it.

> The district has 3 schools and about 1,700 students and staff members.
> There is one domain.  Currently there are four NT4 DCs, a PDC and 3
> BDCs, one in each school.  The BDCs act as file servers.  There are
> also several Linux machines running Samba as file servers for
> specific applications.  Finally, there are about 450 client machines,
> with a mix of Windows 98, 2000, and XP.

Try to get all of your machines upgraded to the same OS and version.

> Every student and staff member has a login and a home directory on
> their "local" BDC.  In the vast majority of cases users are logging
> in to the local server.  It would be rare, for example, that a
> student from school A would log in while physically at school B. 
> However, it does happen, and there are staff members who do that
> regularly, so it needs to be accommodated.     
> Most of what is required is fairly straightforward - there would
> still be a file server in each school, and probably a dedicated
> machine for the "PDC" function of holding the user database.  The
> trick is account management.  From what I've read so far in the Samba
> Guide, how-tos, and various news postings, there are 482 different
> ways of doing this (OK, I made up 482, but there are a lot).  Most of
> the existing docs assume you know what you want to do, and tell how
> to do it.  Unfortunately, I'm still at the first step.

The most robust seems to be to have your PDC machine also be a master LDAP
server and then have LDAP replicate to slaves on the rest of your sites that
are also BDCs.  Make your BDCs point to the slave LDAP servers in your

> So I'm looking for some general guidance on the overall organization.
> For example:  Should I be using LDAP?

> What about the MySQL backend? 

Nope, too hard.  Not enough info unless you are guru status.

> How does winbind fit into this?  Do I need to create all users on all
> servers, or just on the one holding their home directory? 

How are you doing it with your current setup?  Does this meet your needs?

> What questions am I not asking that I should be asking?
> If you have answers, great!  But just pointing at some links would be
> a big help, too. 
> Thanks!
> -- bill

I'm kind of assuming that you have looked at the Samba Guide.  A combination
of the Happy users chapter with some of the components of the distributed
2000 users network chapter, and a slight sojourn into the NT4 migration
chapter with some DHCP and DNS configs pulled from chapters 3 & 4 should do
the trick.  All the best, from a fellow migrator.

Regards Geoff Scott
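
The layout described in the reply above (PDC on the LDAP master, each school's BDC reading from a local LDAP slave), sketched as Samba 3 smb.conf [global] fragments. This is an added example, not part of the original message; the workgroup, host names, LDAP suffix and admin DN are constructed placeholders.

```ini
# ---- smb.conf on the PDC (also runs the LDAP master) ----
[global]
   workgroup = SCHOOLS
   netbios name = PDC1
   domain logons = yes
   domain master = yes
   preferred master = yes
   os level = 65
   # Account database lives in LDAP; the PDC talks to the master directly.
   passdb backend = ldapsam:ldap://ldap-master.example.org
   ldap suffix = dc=example,dc=org
   ldap user suffix = ou=People
   ldap group suffix = ou=Groups
   ldap machine suffix = ou=Computers
   # Bind DN only; its password is stored in secrets.tdb with "smbpasswd -w".
   ldap admin dn = cn=sambaadmin,dc=example,dc=org
   # Password hashes cross this link, so require TLS on the LDAP connection.
   ldap ssl = start tls

# ---- smb.conf on the BDC at school A (runs an LDAP slave) ----
[global]
   workgroup = SCHOOLS
   netbios name = BDC-A
   domain logons = yes
   # Only the PDC is domain master; a BDC must not claim that role.
   domain master = no
   # Local slave first, master as fallback if the slave is unreachable.
   passdb backend = ldapsam:"ldap://ldap-schoola.example.org ldap://ldap-master.example.org"
   ldap suffix = dc=example,dc=org
   ldap user suffix = ou=People
   ldap group suffix = ou=Groups
   ldap machine suffix = ou=Computers
   ldap admin dn = cn=sambaadmin,dc=example,dc=org
   ldap ssl = start tls
```

The sambaNTPassword and sambaLMPassword attributes replicated to every slave are password-equivalent, so the directory ACLs on master and slaves should limit read access to them to the Samba admin DN and the replication identity.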
