[Samba] External Authentication

Julien TEHERY julien.tehery at openevents.fr
Fri Apr 12 11:44:42 UTC 2019

Le 12/04/2019 à 12:44, Rowland Penny via samba a écrit :
> On Fri, 12 Apr 2019 12:06:14 +0200
> Julien TEHERY via samba <samba at lists.samba.org> wrote:
>> @Rowland :
>> |See the answer above, plus there is a very big hole in your proposed
>> |set up, if your clients see the AD DC, they will not contact the NT4
>> |PDC again.
>> I've seen some setups where a company had a (real) AD domain and a
>> samba3 domain working together on the same subnets with win7 or win10
>> workstations who could join one or another domain without troubles.
>> What you mean is if samba4 domain has the same name as samba3 domain,
>> workstations won't be able so see the oldest anymore once joined to
>> the new one? Or does it mean that whatever the name of the new samba4
>> domain is, if a workstation joins it, it won't be able to join the
>> old domain anymore? (never tried it)
>> As my POC seems to work well, I intend ton install it in production
>> soon. Is it recommended to set the new samba4 domain in production up
>> on a different subnet or not?
>  From my understanding, if you classicupgrade a NT4-style domain to an
> AD domain, once your clients see the new AD DC, they will not reconnect
> to the old PDC. The classicupgrade reuses the domain name, SID, etc,
> this is what matters.
> Rowland
Ok, in my case I'm migrating from one to another and was wondering if 
this kind of troubles could happen or not.
Also wanted to share somme intereting tools to Christian :)


More information about the samba mailing list