[Samba] LDAP/PDC migration to Samba4

Andrey Repin anrdaemon at yandex.ru
Mon Jul 21 05:06:04 MDT 2014

Greetings, Andrew Bartlett!

>> Or you could create a new Samba AD DC domain, exploit the trust
>> capabilities, copy the user accounts SID to the corresponding accounts
>> SID-history in the new domain. Create appropriate access groups and apply
>> them on the resources.
>> When all is tested and set you migrate the computers.

> With the only downside being that none of the above will work.

Thanks for a fair warning, Andrew :) That's one thing less to worry about.
I was skeptical about this trust thing the moment I read it, for my own
reasons. (If anyone following Cygwin mailing list, you know what I mean.)
But, knowing that this is not possible, leaves me with a clear set of options.
I hope I'll be able to write down my steps (should be no problem, unless money
are rushed on me, and I'll have a system on hands in a week's time), so other
people can benefit from my experience.

> (sidHistory isn't supported in Samba, trusts are not supported, and
> machines would have to be re-joined anyway).

Andrey Repin (anrdaemon at yandex.ru) 21.07.2014, <15:00>

Sorry for my terrible english...

More information about the samba mailing list