[Samba] Migration samba 3 to 4

Rowland Penny rpenny at samba.org
Tue Sep 18 17:29:50 UTC 2018

On Tue, 18 Sep 2018 14:20:19 +0200
Philippe Maladjian via samba <samba at lists.samba.org> wrote:

> Hello,
> On my current installation samba announces domain dom.domain, windows 
> machines and users are registered on domain dom.hilaire, root dn of
> my ldap is dc = domain, dc = fr.
> At first I tested a migration by applying the vm of my server samba3
> and my ldap. I migrated these VMs out of the production network and 
> validated that with a pc from my production network (once the network 
> settings changed) I could connect to the test domain.
> Then I copied the file smb.conf and all the tdb to the new samba
> server 4. I started the migration procedure via samba-tool and got
> the error on the groups Domain Users and Backup Operators as well as
> the login error with my ldap directory.
> After some exchanges I exported in a ldif my directory to modify the 
> root dn in dc = dom, dc = domain so that it corresponds to the
> Windows domain name. I re-imported everything in my directory.
> When I restart the migration procedure by samba-tool I have the same 
> error. As I have the same installation problem with the production 
> version I do not see any relationship with the SID. The samba domain 
> name does not change, it's only the root dn of my ldap directory that
> I change before the migration.

This, as you have found, does not work.

The whole idea behind the classicupgrade script is, it takes your old
PDC domain and upgrades it to an AD domain, with the same users &
passwords, groups and group memberships etc. Most importantly it uses
the same SID, it is the SID that identifies the domain.

You seem to have spent weeks getting this to work, it would have been
quicker to create a new AD domain and port your users etc to that.


More information about the samba mailing list