[Samba] Migrating from NT4 PDC to Windows 2003 ADS; Samba as member server

Jonathan Johnson jon at sutinen.com
Thu Jun 7 21:46:47 GMT 2007

Here's the situation. We've got an old NT4 domain (not a Samba domain in 
NT 4 mode) which we'll call CRUSTY. There is of course an NT4 PDC and 
several NT4 BDCs. We have some Linux/Samba file servers (Samba 3.0.1) 
that are member servers (security = domain) of the NT4 domain. We also 
have several NT4 BDCs and about 200 workstations of varying vintage 
(2000, XP) in several facilities around the world on a WAN.

We are *migrating* to a new Active Directory 2003 domain called SHINY (I 
am assuming this will imply security = ADS). We don't wish to *upgrade* 
the NT4 domain. We would like to do the migration a little at a time 
rather than all at once in order to preserve our sanity. How can we 
establish a domain trust so that a Samba server that is joined to the 
CRUSTY domain will allow access for users that are authenticated against 
the SHINY domain?

Is there a better way? (I can RTFM, but I need to know where to look.)

-Jonathan Johnson
Sutinen Consulting, Inc.

More information about the samba mailing list