[Samba] Eventually transitioning to Windows Server 2016
fabianfuture at web.de
Sat Dec 16 13:09:44 UTC 2017
I am preparing to get our Data Center from a Samba 3.5 NT4 domain to AD.
All users, file ownerships, etc. have to remain of course. I am planning to
use Samba 4.7.x, but I was wondering if it is possible to eventually
transition to Windows Server 2016 as the only DC hosts.
The way I understand it is that this is not possible right now, because
Samba doesn't support that schema version (among other things). Thus I
couldn't join WS 2016 DCs and take out the Samba DC. So unless Samba is
updated, once I have AD with Samba-only DC I can't get to WS 2016 with my
The other way would be to go to WS 2016 straight away. I've heard there's
this ADMT tool that can get you from a NT4-style domain to a modern AD
domain. But assuming I do that and have WS2016 DCs, can Samba 4.7.x at
least join as a member to act as a file server?
Also, a kind of unrelated question: Are the passwords from the NT4 domain
somehow rehashed to whatever AD uses? I've heard NT4 uses DES and that's
considered rather insecure these days, but I can't think of how Samba would
be able to change the hash method without knowing the passwords in plain
More information about the samba