[Samba] Yet another 3 vs 4 question

steve steve at steve-ss.com
Wed Feb 29 17:07:51 MST 2012

On 02/29/2012 11:12 PM, Donny Brooks wrote:
> We are currently looking at upgrading our PDC which is currently Samba 
> 3.4.7 with OpenLDAP backend for authentication. As it stands we are 
> only wanting to move it to new hardware and possibly run the latest 
> 3.X.X branch. However one of my co-workers suggested why not look at 
> samba 4. We understand it is still in alpha but from what we read it 
> is ready for production use.
> As some background we are a small government agency with roughly 200 
> end users. We have about half XP and 7 machines with a handful of 
> Vista ones. All of our servers are Linux with only one 2008R2 server 
> in there. We mainly use samba for SSO function with OpenLDAP for 
> authentication, file sharing, and roaming profiles. Each division in 
> the department has their own home server (BDC) that houses all their 
> roaming profiles and redirected my documents. We have about 12 BDC's 
> in this configuration with the PDC doing just DC functions.
> Before I get into the 3 vs 4 stuff I do have one question about 
> migrating to a new machine. What is the best way to migrate the PDC 
> from one machine to the next without having to rejoin all the pc's to 
> the domain? If we end up going just the upgrade path we will need it 
> to be as seamless as possible.
> Now for the 3 to 4 questions:
> Is there a way to go from 3 to 4 without having to touch all the pc's?
> We are wanting to move the PDC from the machine it is currently on 
> onto new hardware (new IP, dns name, etc). Is this easily doable in 4? 
> If so would it be better to migrate to the new machine before doing 
> the upgrade to 4 or after?
> If we decided to go to 4 but do a fresh install instead of an 
> "upgrade" does anyone know of an easy way to automate the rejoining of 
> the domain on the end user pc's?
> Once samba4 is out of "alpha" should it easily be upgradable to a 
> distributions package? For instance Fedora. Or would it need to be 
> totally reinstalled?
> Would it be better for us to stay with samba 3 for now and wait for 4 
> to be out of alpha/beta?
> Since Samba 4 does not use LDAP as we do currently, should we still be 
> able to authenticate our servers the same as now?
> Am I missing anything obvious on this possible move to samba 4?
> Thanks in advance for any and all advice on this.
We have win and Linux clients with ldap under 3.6. We've been staring 
long and hard at the transfer of openLDAP attrs to samba4 ldb's. We 
don't know whether there will be any change made to the structure of the 
databases and are uncertain as to the official line on what should (or 
should not) be stored. There has been talk of a release but I don't see 
a freeze coming soon. OTOH, if we were staring from nothing, we'd g for 
4 tomorrow morning.

More information about the samba mailing list