[Samba] Replicate Samba3 to Samba4

Mario Codeniera mario.codeniera at gmail.com
Thu May 28 16:21:24 MDT 2015 

Hi Marc,

Thanks for the clarifications of the terms to make it clear as I also
confuse on the usage.

> First let me teach some terms, because wrong usage often cause
> misconceptions: ;-)
> - DCs you have in an Active Directory
> - PDC/BDC you have in an NT4 domain
> - So you have an Windows AD with DC(s) and a Samba NT4 domain with a PDC
> and maybe BDC(s).
>
> Some are working in it, but domain trusts between AD domains/forests
> aren't finished yet.


Yes, the current configurations have a trust between Windows AD and Samba
NT4 as a one way. Supposedly that's the plan to migrate Samba NT4 to Samba
AD as you said not possible as of the moments.

> So you're having a trust between your Samba NT4 domain and your Windows AD
> at the moment? What do you want to achieve with your posting? Do you want
> to migrate your Samba NT4 domain to Samba AD? This isn't possible, because
> of the missing trust support (see above).


If I upgrade the existing 3.x to 4.x as a NT4 domain, does it not broke the
trust? I mean, does it support the trust for 4.x,Samba NT4 to the Windows
AD?

> Or do you just want to get rid of your old 3.x version and move to a more
> recent version? In this case simply upgrade. You can still run 4.x as an
> NT4 domain, like you could in the past.


To have a group policy for the Windows clients in the domain as it is not
possible in 3.x as the main purpose. Right now still on the testing mode, I
will try use freeIPA trust
<https://www.freeipa.org/page/Active_Directory_trust_setup>  then maybe
replicate it to Samba AD (as it works the upgrade from Samba NT4, 3.x; need
to double check).

> Can you give some information what your goal is?


Hope and maybe you can give more insights and what other
possible/alternative solutions.

Regards,
Mario



On Fri, May 29, 2015 at 6:51 AM, Marc Muehlfeld <mmuehlfeld at samba.org>
wrote:

> Hello Mario,
>
> Am 28.05.2015 um 01:23 schrieb Mario Codeniera:
>
>> Is it possible to replicate any major versions of Samba? As I don't know
>> if
>> there are major improvements/news on the trust relationship with Samba AD
>> to Windows AD.
>>
>> Currently our setup is Samba3 DC with trust with Windows AD, i used to
>> able
>> to upgrade it on the dummy environment to Samba AD, but again the trust
>> seems not working or maybe I missed something on my configurations.
>>
>
> First let me teach some terms, because wrong usage often cause
> misconceptions: ;-)
> - DCs you have in an Active Directory
> - PDC/BDC you have in an NT4 domain
> - So you have an Windows AD with DC(s) and a Samba NT4 domain with a PDC
> and maybe BDC(s).
>
>
> Some are working in it, but domain trusts between AD domains/forests
> aren't finished yet.
>
> So you're having a trust between your Samba NT4 domain and your Windows AD
> at the moment? What do you want to achieve with your posting? Do you want
> to migrate your Samba NT4 domain to Samba AD? This isn't possible, because
> of the missing trust support (see above).
>
> Or do you just want to get rid of your old 3.x version and move to a more
> recent version? In this case simply upgrade. You can still run 4.x as an
> NT4 domain, like you could in the past.
>
> Can you give some information what your goal is?
>
>
> Regards,
> Marc
>

More information about the samba mailing list