[Samba] samba 4 as a pdc and /etc/passwd

Rowland Penny rowlandpenny at googlemail.com
Wed Mar 12 10:58:11 MDT 2014


On 12/03/14 16:54, David Bear wrote:
> Thank you. So would you suggest a migration from NT4 style domain to 
> AD DC? If so, are there any writeups on how to migrate from a 
> samba BDC domain to a samba AD DC?
>

If you feel up to it, then yes, a samba4 AD domain is the way forward, a 
good place to start is here:

https://wiki.samba.org/index.php/Samba4/samba-tool/domain/classicupgrade/HOWTO

Rowland

>
> On Wed, Mar 12, 2014 at 9:51 AM, Rowland Penny 
> <rowlandpenny at googlemail.com> wrote:
>
>     On 12/03/14 16:46, David Bear wrote:
>>     but my original question was do I need to duplicate all the
>>     accounts in /etc/passwd between the two machines since I did not
>>     have ldap installed originally? Will samba 4 and its built-in
>>     ldap stuff capture what I need to get through pdc to bdc replication?
>>
>     Since samba 3 required each samba user to be also a local user,
>     you will need to create the same users & groups on the new machine
>     as on the old one with the same uids & gids. This is where an AD
>     domain is better, users & groups only exist in AD, they cannot be
>     local.
>
>     Rowland
>
>
>>
>>     On Wed, Mar 12, 2014 at 9:41 AM, Rowland Penny
>>     <rowlandpenny at googlemail.com> wrote:
>>
>>         On 12/03/14 16:22, David Bear wrote:
>>>         Thanks for the rapid response. Apologies I was not more clear.
>>>
>>>         I want to stick with the standard NT 4 domain controller
>>>         style network. Maybe next year I will think of migration to
>>>         an ad dc. But for now, I want the simplest path off the
>>>         samba 3 domain controller that I have.
>>>
>>>
>>>         On Wed, Mar 12, 2014 at 9:18 AM, Rowland Penny
>>>         <rowlandpenny at googlemail.com> wrote:
>>>
>>>             On 12/03/14 16:07, David Bear wrote:
>>>
>>>                 I am remembering something wrong related to samba 4
>>>                 and that there is no
>>>                 longer a need to have machine accounts and user
>>>                 accounts exist in
>>>                 /etc/passwd ? I want to set up a samba 4 domain
>>>                 controller as a bdc to a
>>>                 samba 3 domain. Have the domain data base replicate
>>>                 and then shut down the
>>>                 samba 3 pdc and promote the samba 4 to a pdc. It
>>>                 would be nice to ignore
>>>                 having to migrate /etc/passwd because I did not set
>>>                 up ldap for the samba 3
>>>                 domain.
>>>
>>>             I think that we are going to need a bit more info here.
>>>             When you say 'bdc' & 'pdc' are you referring to the
>>>             'classic' samba setup, or do you expect to end up with
>>>             an AD controller?
>>>
>>>             If you want to end up with an AD controller, then what
>>>             you are proposing will not work, an AD DC will never be
>>>             a pdc in a NT domain.
>>>
>>>             I think that you will have to go down the classicupgrade
>>>             path here, but without further info, I cannot be sure.
>>>
>>>             Rowland
>>>
>>>
>>>
>>>
>>>         -- 
>>>         David Bear
>>>         mobile: (602) 903-6476
>>>
>>>
>>         Ah, well in that case, I think it is just a case of setting
>>         up samba4 just like the samba3 machine and then syncing the
>>         user database etc from the pdc to the bdc. This is usually
>>         just done by copying the samba directory from one to the
>>         other (on Ubuntu this is /var/lib/samba YMMV).
>>
>>         Start up the new machine, make sure everything is ok and then
>>         stop smbd, nmbd, winbind on the old pdc and everything should
>>         just work, or maybe not. If it doesn't work, restart smbd etc
>>         on the original pdc and you should be back to where you were,
>>         you can then check the logs to try and find out what went wrong.
>>
>>         This is all from memory, it is a good few years since I last
>>         did this (ok, in fact I only ever did it once ;-) ), so if
>>         anybody has a better way, please chime in.
>>
>>         Rowland
>>
>>
>>
>>
>>     -- 
>>     David Bear
>>     mobile: (602) 903-6476
>>
>>
>
>
>
>
> -- 
> David Bear
> mobile: (602) 903-6476
>
>
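
An added example, not part of the original thread: a check for the point in the quoted reply that classic-domain users must exist on the new machine with the same uids and gids. It compares passwd-format text from both hosts (primary gid only, /etc/group is not read); the sample entries are constructed and the `min_uid=1000` cutoff for skipping system accounts is an assumption.

```python
def parse_passwd(text):
    """Return {name: (uid, gid)} from passwd(5)-format text."""
    accounts = {}
    for line in text.splitlines():
        fields = line.strip().split(":")
        # Skip blanks, comments and malformed entries.
        if len(fields) < 4 or fields[0].startswith("#"):
            continue
        if fields[2].isdigit() and fields[3].isdigit():
            accounts[fields[0]] = (int(fields[2]), int(fields[3]))
    return accounts

def compare(old, new, min_uid=1000):
    """List (kind, name, detail) problems for accounts moving old -> new."""
    new_uid_owner = {uid: name for name, (uid, _) in new.items()}
    findings = []
    for name, (uid, gid) in sorted(old.items()):
        if uid < min_uid:  # assumed cutoff for system accounts
            continue
        if name not in new:
            findings.append(("missing", name, f"create with uid={uid} gid={gid}"))
        elif new[name] != (uid, gid):
            n_uid, n_gid = new[name]
            findings.append(("mismatch", name,
                             f"old {uid}/{gid}, new {n_uid}/{n_gid}"))
        # Copied files owned by this uid would belong to another account.
        other = new_uid_owner.get(uid)
        if other is not None and other != name:
            findings.append(("uid-collision", name,
                             f"uid {uid} is {other!r} on the new host"))
    return findings

# Constructed sample data; machine accounts end in '$'.
OLD = """root:x:0:0:root:/root:/bin/bash
alice:x:1001:1001:Alice:/home/alice:/bin/bash
bob:x:1002:1002:Bob:/home/bob:/bin/bash
ws01$:x:1003:1010:Machine:/dev/null:/bin/false
carol:x:1004:1004::/home/carol:/bin/bash
"""
NEW = """root:x:0:0:root:/root:/bin/bash
alice:x:1001:1001:Alice:/home/alice:/bin/bash
bob:x:1005:1005:Bob:/home/bob:/bin/bash
backup:x:1004:1004::/home/backup:/bin/bash
"""

if __name__ == "__main__":
    for kind, name, detail in compare(parse_passwd(OLD), parse_passwd(NEW)):
        print(f"{kind:14} {name:8} {detail}")
```

The `uid-collision` finding matters most when data is copied between hosts: file ownership is stored by number, so a reused uid silently hands another account the old user's files.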


