[Samba] samba 4 as a pdc and /etc/passwd

Rowland Penny rowlandpenny at googlemail.com
Wed Mar 12 10:41:02 MDT 2014

On 12/03/14 16:22, David Bear wrote:
> Thanks for the rapid response. Apologies I was not more clear.
> I want to stick with the standard NT 4 domain contoller style network. 
> Maybe next years I will think if migration to and ad dc. But for now, 
> I want the simplest path off the samba 3 domain controller that I have.
> On Wed, Mar 12, 2014 at 9:18 AM, Rowland Penny 
> <rowlandpenny at googlemail.com <mailto:rowlandpenny at googlemail.com>> wrote:
>     On 12/03/14 16:07, David Bear wrote:
>         I am remembering something wrong related to samba 4 and that
>         there is no
>         longer a need to have machine accounts and user accounts exist in
>         /etc/passwd ? I want to set up a samba 4 domain controller as
>         a bdc to a
>         samba 3 domain. Have the domain data base replicate and then
>         shut down the
>         samba 3 pdc and promote the samba 4 to a pdc. It would be nice
>         to ignore
>         having to migrate /etc/passwd because I did not set up ldap
>         for the samba 3
>         domain.
>     I think that we are going to need a bit more info here. When you
>     say 'bdc' & 'pdc' are you referring to the 'classic' samba setup,
>     or do you expect to end up with an AD controller?
>     If you want to end up with an AD controller, then what you are
>     proposing will not work, an AD DC will never be a pdc in a NT domain.
>     I think that you will have to go down the classicupgrade path
>     here, but without further info, I cannot be sure.
>     Rowland
> -- 
> David Bear
> mobile: (602) 903-6476
Ah, well in that case, I think it is just a case of setting up samba4 
just like the samba3 machine and then syncing the userdatebase etc from 
the pdc to the bdc. This is usually just done by copying the samba 
directory from one to the other (on Ubuntu this is /var/lib/samba YMMV).

Start up the new machine, make sure everything is ok and then stop smbd, 
nmbd, winbind on the old pdc and everything should just work, or maybe 
not. If it doesn't work, restart smbd etc on the original pdc and you 
should be back to where you were, you can then check the logs to try and 
find out what went wrong.

This is all from memory, it is a good few years since I last did this 
(ok, in fact I only ever did it once ;-) ), so if anybody has a better 
way, please chime in.


More information about the samba mailing list