[Samba] Upgrading version 3.6 to 4.4 and Active Directory

[Luke Barone]

Ignore - It was a repeat message with some URLs changed, as I thought I
tripped the spam filter on the list (I couldn't find the message anywhere,
even on the online board).

Sorry for double posting -.-

On Mon, May 30, 2016 at 9:02 AM, Luke Barone <lukebarone at gmail.com> wrote:

> First, background information. We are a large (geographically local)
> organization with 50 sites, including our HQ. Each site has a Debian Server
> running Samba in NT-Domain Controller mode. Each site is independent of the
> next, but are all named as a 3- or 4-character site code
> <http://example.com>. The workstations are connected, and working fine in
> our sites with the single servers.
>
> We had a recent network upgrade that now has every site with a 10.X.Y.Z
> address. X is the site code, so each site is in the same 10.0.0.0/8
> subnet, and we can see the networks from each site. Now is the time to
> setup Active Directory, right?
>
> My goal is to create a forest, starting at the HQ (HQ.example.com) level,
> and working down to each site (SITEA.example, SITEB.example, etc). Our goal
> is to upgrade to Active Directory at each location, so as to not lose any
> of the user data (username/passwords, group memberships, etc), and then
> merge the AD Domains into a hierarchical forest, with each of the techs
> responsible for the domain at their sites. We are hoping that it will also
> allow us to have a user's primary DC (I know that term isn't use, but let's
> say it's the site's main one) down, but still authenticate to another
> trusted domain controller.
>
> Will Samba 4 allow us to do this? If so, is it simply a process of 1)
> Upgrade role to Active Directory Domain Controller, 2) Use Active Directory
> Sites and Services to link each of the 50 domains together? Or is there
> more to it that we need to work on first?
>