[Samba] Upgrading from NT to AD
James Chamberlain
jamesc at exa.com
Thu Jun 11 17:16:42 GMT 2009
On Jun 10, 2009, at 9:24 PM, Edward Ned Harvey wrote:
>> Could someone point me toward documentation on the impact to Samba of
>> upgrading from an NT domain to Active Directory? I've found docs on
>> Samba with NT domains and docs on Samba with AD, but not so much on
>> the upgrade process. I'd like to know exactly what I'm doing
>> before I
>> do anything that could cut my Windows users off from the file
>> servers. Whether it's as easy as "do the upgrade and your Samba
>> servers will automatically make the transition", or I have to set up
>> Kerberos and make changes to smb.conf, I want to be sure I know all
>> the steps involved.
>
> I don't know any such documentation (and good luck to you finding
> it) - I
> would think maybe you'll find something going from 2003 to 2008 ...
> but from
> NT to AD ... phew doggy...
It's something that I'm sure enough people have done at this point
that documentation must exist somewhere. Even if it's old, it's not
like NT has changed in years.
> Anyway - I do have some advice for you. Find some way to attach a
> new hard
> drive to the windows server. Boot from something like centos cd1 in
> rescue
> mode. Use dd to backup the OS hard drive to a file on the new HD.
> If the
> OS hard drive is software mirrored, make separate dd's for each of
> the 2
> hard drives. That way, you're free to do what you need to do, and you
> always have a safetynet.
Thanks for the advice. I'm going to be retiring the old NT server
during this process and replacing it with a new system. I'm planning
to use a third system as a swing server to help me get the upgrade
done. I'll shut down the PDC, promote the BDC and upgrade it, then
bring up the new PDC as a BDC (essentially), promote it and shut down
the swing box. There shouldn't be any cruft left over from NT on my
new PDC, and if something goes wrong in the process, I can bring up
the old PDC and be back up and running quickly.
I'll be doing a dd backup anyway, because it's always better to be
safe than sorry.
> Assuming you're using Kerberos, my expectation is that you don't
> need to do
> anything at all on the samba server. But don't hold me to it.
How about if I'm not currently using Kerberos?
Thanks,
James
More information about the samba
mailing list