[Samba] how to migrate to samba-ldap transparently?

Craig White craigwhite at azapple.com
Sat Nov 12 01:37:00 GMT 2005 

On Fri, 2005-11-11 at 14:57 -0500, Pablo Chamorro C. wrote:
> > If you have 2 domains and a number of Windows computers attached to both
> > domains and you want to consolidate into one domain, there really is
> > little choice but to join the Windows computers to the one remaining
> > domain as there is no simpler way to change the SID of the machine to
> > the other.
> 
> ok, I was thinking that to change the SID on the PDC or on the Windows PCs 
> is possible, or I am wrong?
----
of course you can change the SID on the PDC but that isn't gonna work
for the computers that are already joined to the domain that still have
the old SID
----
>  Perhaps is not just a matter of having the 
> same SID?  Even I haven't found a way to migrate a windows profile using 
> some windows utility from one domain to other.  I wonder what is used when 
> you have to migrate one hundred or one thousand users?  The other day I 
> found one commercial extra non windows software (I tried a demo and it 
> couldn't detect my PDC, that it costed around 2 USD per windows client).
----
samba documentation has information about migrating user profiles in the
excellent How-To. Microsoft has lots of documentation about migrating
user profiles. There is likely to be some 3rd party utilities to do that
as well. I have no experience with them.
----
> 
> > If you have user profiles that need to be saved/migrated from one domain
> > to the other, see the samba documentation for a comprehensive discussion
> > on migrating user profiles.
> 
> thank you, I'm gonna read the docs in more detail
> 
> > Thus, this never was an LDAP question but if you are talking about the
> > openldap mail list, they are very provincial that the discussions on
> > that list are specifically about their software and not about
> > integration. If you want mailing lists where ldap integration is
> > appropriate, you might want to check ldap at umich.edu [1] and ldap-interop
> > [2]
> 
> ok, your help is the help that the openldap administrator should have 
> given me, that is too bad for the openldap advocacy, isn't it?
----
not everyone knows about the other mail lists for ldap and those lists
aren't openldap specific. I'm not going to get involved with your
frustration with openldap and the consultant you brought in to help you
with it. My feeling is that if you are going to commit to using LDAP,
you really need to understand it before you marry it to your everyday
functionality because you aren't going to be able to fix it when it
breaks until you understand it.

Craig


-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.

More information about the samba mailing list