[Samba] MIgrating users to new domain

Donny Brooks dbrooks at mdah.state.ms.us
Mon Dec 3 15:22:02 MST 2012

We are currently setting up a new domain with samba 3.5.10 and openldap 2.4.23 (based off of Centos 6.3). The current domain is running older versions, 3.4.7 and 2.4.15 respectively. We are changing domain names also. There is alot of layout changes and the way it works. 

One change we are implementing is combining all the BDC's/home servers into one and moving them to the PDC. On the old domain every division of the agency has their own home server (BDC) that just connects back to the PDC for authentication and housed the sections shares and the users roaming profiles. On the new setup we are moving all the shares onto the PDC, also we are doing away with roaming profiles. The entire LDAP tree is being remade from scratch, meaning new UID's and GID's. 

Is there a way we could migrate a section of users at a time instead of having to do all 200 users at once? One problem we have thought of is making the shares consistent between old and new and the uid/gid issue. So say user1 is in group 501 on the old system but on the new system the group is 247. There would be file permission nightmares I would think. 

The second question is dealing with the conversion from roaming to local profiles. We still will be using netlogon scripts to mount the specific shares and such but just doing away with the roaming profiles. I have been testing this on windows 7 pc's (which account for about half of our users) and keep running into loading temp profiles. I did find some registry tweaks here on the list that seem to work but I was wondering if they are necessary or if I just didn't have something configured right.


Donny B.

More information about the samba mailing list