[Samba] Howto merge two domains

Andreas Heinlein a.heinlein at vvv-service.de
Tue Oct 24 07:26:07 GMT 2006


since I found various bits of information but no howto or similar, I'd
like to ask how you would handle the following scenario:
- two domains with identical name on two physically totally separated
networks, but with different IP-Subents (both in the private range
172.16.x). One domain has about 50 clients and users, the other about 25
- both domains have Samba 3.0.x configured as a PDC, with Windows 2000
Clients. Both Sambas currently use the pdb backend, but a migration to
LDAP is planned. Both domains use server-side profiles.
- on both sides, there are additional workstations with shares, some of
them having rather complex permissions (for individual users).
- these two domains need to be merged into one, with one PDC. That is,
the smaller domain is to move physically into the building with the
larger domain. If possible, user accounts and groups should be migrated
as well as profiles etc. Share permissions on the PDC itself and the
other workstations should be preserved as well.

Is this possible? I read about the profiles tool that "it works only on
NT", so it will not work with Win2K? I read about moveuser.exe but am
not sure if this works with server-side profiles. How about preserving
the share permissions when the SIDs change? Can the user accounts be
migrated, or do they have to be re-created?

Thank you,

