[Samba] migration from samba3 -> 4 architecture goal question
mueller at tropenklinik.de
Tue Oct 7 02:35:22 MDT 2014
I just did it with centos 6.5 . 2 Samba4/DNS servers with a replicating
glusterfs vol. 7 is reported to have some bugs.
If you do it the classic way you will do the work twice.
Your timeframe is more than enough.
EDV Daniel Müller
Tel.: 07071/206-463, Fax: 07071/206-499
eMail: mueller at tropenklinik.de
Von: Karel Lang AFD [mailto:lang at afd.cz]
Gesendet: Dienstag, 7. Oktober 2014 10:11
An: mueller at tropenklinik.de; samba at lists.samba.org
Betreff: Re: AW: [Samba] migration from samba3 -> 4 architecture goal
Thank you Daniel!
So no regrets going AD?
As i explained, even if i decide 'jump this bandwagon' too, i could do it in
like 8-10 months timeframe.
Do you think it makes sense to update to Samba4 classic in meantime, while i
wait for new Hardware for new serverroom and wait for RHEL
(CentOS) 7.1 (7.2)?
On 10/07/2014 07:53 AM, Daniel Müller wrote:
> If you go Samba4 you go ADS.
> And meanwhile --I had a similar environment like yours--- I do not
> want to go back again.
> Samba4 serves as auth principal for my centos servers, dovecot imap,
> all windows servers and clients without any issue.
> With SOGo/Openchange another open source software I reach a exchange
> like environment for the outlook clients.
> EDV Daniel Müller
> Leitung EDV
> Tropenklinik Paul-Lechler-Krankenhaus
> Paul-Lechler-Str. 24
> 72076 Tübingen
> Tel.: 07071/206-463, Fax: 07071/206-499
> eMail: mueller at tropenklinik.de
> Internet: www.tropenklinik.de
> -----Ursprüngliche Nachricht-----
> Von: samba-bounces at lists.samba.org
> [mailto:samba-bounces at lists.samba.org] Im Auftrag von Karel Lang AFD
> Gesendet: Montag, 6. Oktober 2014 23:55
> An: samba at lists.samba.org
> Betreff: [Samba] migration from samba3 -> 4 architecture goal question
> Hello list and all,
> this is my case:
> 4month ago i joined new job with company:
> 400 employees, RHEL and CEntOS 6.5 servers in backbone (and some
> windows servers as app servers), with one Samba3 PDC fileserver/domain
> server with tdbsam backend for windows 7 workstations and NIS for
> Linux workstation and servers authentication... you can imagine this
> situation was a bit mess
> My goal was to improve user authentication process, network speed
> (user roaming profile size etc), Zimbra implementation etc.
> With the help of great people here on this list and others i migrated
> all users to 389 Directory server and thus i achieved united
> authentication for users (samba + ldap backend for windows
> workstations and SSSD daemon + ldap backend for unix / linux
> authentication) I implemented 2new BDC servers and now i'm process of
> creating another
> 389 DS (slave) server to add robustness.
> After tunning of smb.conf and linux kernel parameters i achieve up to
> 50MB/s transfer speed of files over CIFS (this is top for one big
> file, meaning it's always less)
> Now, after all work done, users are quite happier, but the network
> speed over CIFS is still issue (compared eg. to NFS4).
> Situation now:
> what i want most of Samba4 is the access to SMB2 an SMB3 protocols
> with hopes of higher LAN speed data transfers.
> My concern is now, that Samba4 is a very different beast and i'm not
> entirely sure, the AD should be my goal in mixed environment of
> windows and unix servers and windows and unix workstations.
> 1. if i go with Samba4 AD scenario migration - is SSSD Linux daemon
> able to authenticate users against LDAP server bundled with Samba?
> 2. is it possible to update Samba3 - Samba4 while retain 'classic'
> NTv4 like domain architecture? (the internet search didn't turn with
> examples of ppl doing this - everyone goes 'crazy' for Samba4 AD from
> This is actually my main question - because if this is possible, this
> would give me (correct me if wrong)
> - the access to new SMB protocols, while not breaking current setup
> architecture (hard-worked out after 2month of sleepless nights)
> - achieve higher LAN transfer speeds in 'faster' time horizon
> - give to time to rethink over/test the migration process to AD (if i
> decide i need it)
> - gain time to wait for new HW planned for RHEL 7.x servers
> - because again, if i decide to switch to AD i'd like to do this on
> new RHEL 7.x servers and not on 6x (distro lifetime cycle is getting
> end) and this means wait until RHEL gets to version 7.2 and is stable
> and bug free enough
> 3. this question follows previos - if i go with Samba4 'classic'
> domain, is it doable (hard / easy?) to switch it to AD afterwards?
> 4. should i go for some MS windows course to get better understanding
> of AD in case i decide to 'go for it'?
> So basically you see, i need to gain some time for study and test
> 4 AD, yet, i'd like to get benefit of new samba protocols faster for
> better LAN speed transfers..
> Thank you guys for reading this far :]
> Karel Lang
More information about the samba