[Samba] v3 to AD migration: home folders, quotas, users..

Wed Jun 27 09:04:53 UTC 2018

 Hi,
  we want to migrate from samba3 NT4 domain (we were using it for a long 
time) to Samba4 AD. A lot of questions.
  a) user homes mapping
    From our v3 smb.conf
      logon drive = S:
  [homes]
        comment = Home Directories
        path = /home/%u
        read only = No
        create mask = 0700
        directory mask = 0700
        inherit acls = Yes
        browseable = No
        root preexec = /usr/local/bin/RPE4 '%u' 'HOMESHARE' '%m' '%a'    

    I tried -according to samba wiki- to map home folders through group 
policy. It worked, but it only maps network drive S: and it does NOT set it 
as user home folder; home folder remains mapped to c:\users\username. Should
I use samba v3 style? Other way?

  b) In /usr/local/bin/RPE4 (which is run everytime user tries to use the 
share) we do a lot of actions, eg
     - creating user home folder, if it not exists
     - creating user profile folder, if it not exists
     - setting user quota (via setquota command) according to user name (we 
have about 10 different quota groups) (there is a default quota, but some 
user groups have different user quotas) 

     What is the best way to do this in samba AD? Note that we use the home 
folders not only for users, which are logged into windows (into domain from 
windows logon screen), we map the home folders via "net use.." for not 
domain users too.

  c) We use openldap and both linux/unix and windows/samba authentication 
against it (samba has ldap backend configured, linuxes use sssd). We use not
very handy mechanism of setting sambaNTpasswd and userPassword (crypted, set
from HPUX) via ldapmodify. This is not standard and acceptable solution for 
future. How to do it in samba AD? We have 1000+ users, all with both samba 
SIDs and unix user attribs and we need to migrate them from openldap to 
samba AD.

  Next questions, eh, challenges, will come soon.

  Thanks, Michal