[Samba] migration from samba3 -> 4 architecture goal question

Daniel Müller mueller at tropenklinik.de
Tue Oct 7 02:35:22 MDT 2014 

I just did it with centos 6.5 .  2 Samba4/DNS servers with a replicating
glusterfs vol. 7 is reported to have  some bugs.
If you do it the classic way you will do the work twice.
Your timeframe is more than enough.


Greetings Daniel

EDV Daniel Müller

Leitung EDV
Tropenklinik Paul-Lechler-Krankenhaus
Paul-Lechler-Str. 24
72076 Tübingen 
Tel.: 07071/206-463, Fax: 07071/206-499
eMail: mueller at tropenklinik.de
Internet: www.tropenklinik.de



-----Ursprüngliche Nachricht-----
Von: Karel Lang AFD [mailto:lang at afd.cz] 
Gesendet: Dienstag, 7. Oktober 2014 10:11
An: mueller at tropenklinik.de; samba at lists.samba.org
Betreff: Re: AW: [Samba] migration from samba3 -> 4 architecture goal
question

Thank you Daniel!

So no regrets going AD?
As i explained, even if i decide 'jump this bandwagon' too, i could do it in
like 8-10 months timeframe.

Do you think it makes sense to update to Samba4 classic in meantime, while i
wait for new Hardware for new serverroom and wait for RHEL
(CentOS) 7.1 (7.2)?

Karel

On 10/07/2014 07:53 AM, Daniel Müller wrote:
> Hello,
>
> If you go Samba4 you go ADS.
> And meanwhile --I had a similar environment like yours--- I do not 
> want to go back again.
> Samba4 serves as auth principal for my centos servers, dovecot imap, 
> all windows servers and clients without any issue.
> With SOGo/Openchange  another open source software I reach a exchange 
> like environment for the outlook clients.
>
>
> EDV Daniel Müller
>
> Leitung EDV
> Tropenklinik Paul-Lechler-Krankenhaus
> Paul-Lechler-Str. 24
> 72076 Tübingen
> Tel.: 07071/206-463, Fax: 07071/206-499
> eMail: mueller at tropenklinik.de
> Internet: www.tropenklinik.de
>
>
>
>
> -----Ursprüngliche Nachricht-----
> Von: samba-bounces at lists.samba.org 
> [mailto:samba-bounces at lists.samba.org] Im Auftrag von Karel Lang AFD
> Gesendet: Montag, 6. Oktober 2014 23:55
> An: samba at lists.samba.org
> Betreff: [Samba] migration from samba3 -> 4 architecture goal question
>
> Hello list and all,
> this is my case:
>
> 4month ago i joined new job with company:
> 400 employees, RHEL and CEntOS 6.5 servers in backbone (and some 
> windows servers as app servers), with one Samba3 PDC fileserver/domain 
> server with tdbsam backend for windows 7 workstations and NIS for 
> Linux workstation and servers authentication... you can imagine this 
> situation was a bit mess
>
> My goal was to improve user authentication process, network speed 
> (user roaming profile size etc), Zimbra implementation etc.
>
> With the help of great people here on this list and others i migrated 
> all users to 389 Directory server and thus i achieved united 
> authentication for users (samba + ldap backend for windows 
> workstations and SSSD daemon + ldap backend for unix / linux 
> authentication) I implemented 2new BDC servers and now i'm process of 
> creating another
> 389 DS (slave) server to add robustness.
>
> After tunning of smb.conf and linux kernel parameters i achieve up to 
> 50MB/s transfer speed of files over CIFS (this is top for one big 
> file, meaning it's always less)
>
> Now, after all work done, users are quite happier, but the network 
> speed over CIFS is still issue (compared eg. to NFS4).
>
>
> Situation now:
> what i want most of Samba4 is the access to SMB2 an SMB3 protocols 
> with hopes of higher LAN speed data transfers.
>
> My concern is now, that Samba4 is a very different beast and i'm not 
> entirely sure, the AD should be my goal in mixed environment of 
> windows and unix servers and windows and unix workstations.
>
> questions:
> 1. if i go with Samba4 AD scenario migration - is SSSD Linux daemon 
> able to authenticate users against LDAP server bundled with Samba?
>
> 2. is it possible to update Samba3 - Samba4 while retain 'classic' 
> NTv4 like domain architecture? (the internet search didn't turn with 
> examples of ppl doing this - everyone goes 'crazy' for Samba4 AD from
SAmba 3).
>
> This is actually my main question - because if this is possible, this 
> would give me (correct me if wrong)
> - the access to new SMB protocols, while not breaking current setup 
> architecture (hard-worked out after 2month of sleepless nights)
> - achieve higher LAN transfer speeds in 'faster' time horizon
> - give to time to rethink over/test the migration process to AD (if i 
> decide i need it)
> - gain time to wait for new HW planned for RHEL 7.x servers
> - because again, if i decide to switch to AD i'd like to do this on 
> new RHEL 7.x servers and not on 6x (distro lifetime cycle is getting 
> near
> end) and this means wait until RHEL gets to version 7.2 and is stable 
> and bug free enough
>
> 3. this question follows previos - if i go with Samba4 'classic' 
> domain, is it doable (hard / easy?) to switch it to AD afterwards?
>
> 4. should i go for some MS windows course to get better understanding 
> of AD in case i decide to 'go for it'?
>
>
> So basically you see, i need to gain some time for study and test 
> Samba
> 4 AD, yet, i'd like to get benefit of new samba protocols faster for 
> better LAN speed transfers..
>
>
> Thank you guys for reading this far :]
>
> Karel Lang
>
>

More information about the samba mailing list