[Samba] Migration tests
Rowland Penny
rowlandpenny at googlemail.com
Thu Nov 27 09:18:58 MST 2014
On 27/11/14 15:51, Elias Pereira wrote:
> The configuration below:
>
> /uri "ldap://{AD-Hostname/IP}:389"/
> /suffix "{your Domain DN}"/
>
> is the configuration of my Samba4?
>
> Example:
>
> openLdap IP: 192.168.77.220
> samba4 IP: 192.168.77.200
>
> would look like this:
>
> /uri ldap://192.168.77.200:389 <http://192.168.77.200:389>/
> /suffix ou=Users,dc=minharede,dc=intra/
>
>
> Sorry for so many questions. But I need to understand it! :D
>
> On Thu, Nov 27, 2014 at 11:04 AM, Rowland Penny
> <rowlandpenny at googlemail.com <mailto:rowlandpenny at googlemail.com>> wrote:
>
> On 27/11/14 12:54, Elias Pereira wrote:
>>
>> Nice diagram :-)
>>
>>
>> :D
>>
>> Not as far as I am aware, unless you are talking about using
>> Samba4 like your old Samba3 & Openldap
>>
>>
>> Yea. It may be possible with authenticating other services
>> against AD.
>>
>> One more question.
>>
>> This configuration below,
>>
>> /### Database definition (Proxy to AD)
>> #########################################/
>> /database ldap/
>> /readonly yes/
>> /protocol-version 3/
>> /rebind-as-user/
>> /uri "ldap://{AD-Hostname/IP}:389"/
>> /suffix "{your Domain DN}"/
>> /overlay rwm/
>> /rwm-map attribute uid sAMAccountName/
>> /rwm-map attribute mail proxyAddresses/
>>
>>
>>
>> is configured in *slapd.conf* of the *openldap*, right?
>>
>> On Thu, Nov 20, 2014 at 12:13 PM, Rowland Penny
>> <rowlandpenny at googlemail.com
>> <mailto:rowlandpenny at googlemail.com>> wrote:
>>
>> On 20/11/14 13:45, Elias Pereira wrote:
>>
>> Hello Rowland,
>>
>> Look this schema:
>>
>>
>>
>> Nice diagram :-)
>>
>>
>> My questions are:
>>
>> 1. The external ldap can replicate all contents to the
>> internal ldap of the Samba4?
>>
>>
>> Not as far as I am aware, unless you are talking about using
>> Samba4 like your old Samba3 & Openldap
>>
>>
>> 2. Perhaps the question is stupid, but the internal ldap
>> of Samba4 has the same structure of openldap?
>>
>>
>> No, not a stupid question, the internal ldap (which tells me
>> that you want to move to active directory) is similar to, but
>> not the same as Openldap.
>>
>> I think that you will need to use your external ldap as a
>> proxy, see here:
>>
>> https://wiki.samba.org/index.php/Authenticating_other_services_against_AD
>>
>> It might also be worthwhile surfing the net (use 'active
>> directory' in the search), moodle at least seems to work with AD.
>>
>> If you are thinking of moving to a Samba4 AD DC, you just
>> need to get your head round the fact that it works just like
>> a windows AD DC.
>>
>> Also, can you please keep posts on the list.
>>
>> Rowland
>>
>>
>> Thank you in advance! :D
>>
>>
>> On Wed, Nov 19, 2014 at 7:13 PM, Bo Kersey <bo at vircio.com
>> <mailto:bo at vircio.com> <mailto:bo at vircio.com
>> <mailto:bo at vircio.com>>> wrote:
>>
>> I used this info and it worked for me:
>>
>> https://wiki.samba.org/index.php/Samba_Classic_Upgrade_(NT4-style_domain_to_AD)
>> <https://wiki.samba.org/index.php/Samba_Classic_Upgrade_%28NT4-style_domain_to_AD%29>
>>
>> <https://wiki.samba.org/index.php/Samba_Classic_Upgrade_%28NT4-style_domain_to_AD%29>
>>
>> ----- Original Message -----
>> > From: "Rowland Penny" <rowlandpenny at googlemail.com
>> <mailto:rowlandpenny at googlemail.com>
>> <mailto:rowlandpenny at googlemail.com
>> <mailto:rowlandpenny at googlemail.com>>>
>> > To: "samba" <samba at lists.samba.org
>> <mailto:samba at lists.samba.org>
>> <mailto:samba at lists.samba.org
>> <mailto:samba at lists.samba.org>>>
>> > Sent: Wednesday, November 19, 2014 2:45:29 PM
>> > Subject: Re: [Samba] Migration tests
>>
>> > On 19/11/14 19:03, Elias Pereira wrote:
>> >> Hello all,
>> >>
>> >> I am performing migration tests from my old samba3
>> to the new
>> samba4.
>> >>
>> >> I must copy the entire samba folder from my old
>> Samba3, to new
>> Samba4?
>> >>
>> > How are planning to migrate ? do want to use samba4
>> just like your
>> > samba3 setup, or are you planning to set up a
>> samba4 AD DC ?
>> >
>> > Rowland
>> >
>> > --
>> > To unsubscribe from this list go to the following
>> URL and read the
>> > instructions:
>> https://lists.samba.org/mailman/options/samba
>>
>> --
>> Bo Kersey
>> VirCIO - managed network solutions
>> 4314 Avenue C
>> Austin, TX 78751
>> phone: (512)374-0500 <tel:%28512%29374-0500>
>> <tel:%28512%29374-0500>
>> --
>> To unsubscribe from this list go to the following URL
>> and read the
>> instructions:
>> https://lists.samba.org/mailman/options/samba
>>
>>
>>
>>
>> --
>> Elias Pereira
>>
>>
>> --
>> To unsubscribe from this list go to the following URL and
>> read the
>> instructions: https://lists.samba.org/mailman/options/samba
>>
>>
>>
>>
>> --
>> Elias Pereira
> Well seeing as how it is a fragment from a file from here:
> https://wiki.samba.org/index.php/Authenticating_other_services_against_AD
>
> With the heading: 1. Use the following slapd.conf example:
>
> Then YES. :-)
>
> Rowland
>
>
>
>
> --
> Elias Pereira
The first line looks OK, but I believe that the second line should be
'suffix dc=minharede,dc=intra'
Rowland
More information about the samba
mailing list