[Samba] Yet another 3 vs 4 question

Donny Brooks dbrooks at mdah.state.ms.us
Wed Feb 29 15:12:32 MST 2012

We are currently looking at upgrading our PDC which is currently Samba 
3.4.7 with OpenLDAP backend for authentication. As it stands we are only 
wanting to move it to new hardware and possibly run the latest 3.X.X 
branch. However one of my co-workers suggested why not look at samba 4. 
We understand it is still in alpha but from what we read it is ready for 
production use.

As some background we are a small government agency with roughly 200 end 
users. We have about half XP and 7 machines with a handful of Vista 
ones. All of our servers are Linux with only one 2008R2 server in there. 
We mainly use samba for SSO function with OpenLDAP for authentication, 
file sharing, and roaming profiles. Each division in the department has 
their own home server (BDC) that houses all their roaming profiles and 
redirected my documents. We have about 12 BDC's in this configuration 
with the PDC doing just DC functions.

Before I get into the 3 vs 4 stuff I do have one question about 
migrating to a new machine. What is the best way to migrate the PDC from 
one machine to the next without having to rejoin all the pc's to the 
domain? If we end up going just the upgrade path we will need it to be 
as seamless as possible.

Now for the 3 to 4 questions:
Is there a way to go from 3 to 4 without having to touch all the pc's?
We are wanting to move the PDC from the machine it is currently on onto 
new hardware (new IP, dns name, etc). Is this easily doable in 4? If so 
would it be better to migrate to the new machine before doing the 
upgrade to 4 or after?
If we decided to go to 4 but do a fresh install instead of an "upgrade" 
does anyone know of an easy way to automate the rejoining of the domain 
on the end user pc's?
Once samba4 is out of "alpha" should it easily be upgradable to a 
distributions package? For instance Fedora. Or would it need to be 
totally reinstalled?
Would it be better for us to stay with samba 3 for now and wait for 4 to 
be out of alpha/beta?
Since Samba 4 does not use LDAP as we do currently, should we still be 
able to authenticate our servers the same as now?
Am I missing anything obvious on this possible move to samba 4?

Thanks in advance for any and all advice on this.

More information about the samba mailing list