[Samba] Upgrade Samba 3 -> Samba 4 AD DC (Debian Wheezy)
peter.schaefer at gmx.de
Wed Jan 1 03:41:40 MST 2014
First of all: Happy New Year!
Am 12/29/2013 11:26 PM, Marc Muehlfeld wrote:
> I already have the detailed re-writing of the upgrading HowTo on my list for a longer time. But since I moved 2 month
> ago, I haven't got my internet connection and just being online just with a limited and unstable UMTS connection :-( .
> But I'm collecting the problems/hints/wishes for later. So let me know what kind of improvements you are thinking
> about, and I'll try to add them.
Well, for the upgrading HowTo it's just the hint to check the SID/RIDs as said in
https://lists.samba.org/archive/samba/2013-August/175135.html since having those wrong just leads to an exception in
classicupgrade (without a particular helpful error message). One might even consider dropping the group mappings since
they aren't needed anymore once you manage your users in AD and use sssd or similar solutions (IMHO).
Other than that, other HowTos often just assume a new installation. The difficult part for me was to deal with the
*existing* filesystems and establish the new ACL-based access rights in a way that the Windows side keeps working.
Additionally, transferring your users into AD touches a lot of other system issues like authentication via PAM and other
system services like SMTP/IMAP. But that is just caused by my case of "all eggs in one basket" (i.e. AD DC, mail-,
file-, fax-server all-in-one). But that's just how it is - no complain about the Samba documentation here; that's just
not to cover in the scope of Samba HowTos.
Eventually, it's just that you have to be an expert of Windows *and* Unix/Linux internals, need to read through many
HowTos, learn to separate outdated from up-to-date information, crawl through mailing-list archives and cope with the
inevitable subtle bug. But that's more-or-less how it's always been - and I love it. Especially when finally all comes
together and works :-).
More information about the samba