[Samba] Convert from NT style Domain to AD on Ubuntu 18.04
Christian Naumer
cn at brain-biotech.de
Wed Feb 27 07:17:33 UTC 2019
Am 27.02.19 um 02:33 schrieb Robert Steinmetz via samba:
>
> My questions are:
>
> * Do I actually need to run the utility on the Member Server of simply
> edit smb.conf to change the security and backend settings?
You only need to run the utility on the PDC.
> * How well does the utility work?
For us it worked. There were some errors on the first runs which you
then need to correct but the conversion then worked. We did extensive
test runs (in a VM)
> * How long will it take?
Depends on how much you want to test. We did extensive test runs (in a
VM). But our setup was ~120 users 4 Samba servers and about 5 other
member server (mail, http, etc). Rowland I think recomends to setup a
new AD if the installation is small and it is feasible to create new
profiles for the users and rejoin all the machines.
The script will run in a view minutes. At least for your installation
with ~120 users it did.
> * What should I be on the look out for?
The script will tell some errors (groups and users with the same name
are not allowed anymore).
You should check your uid ranges.
How are you handling login scripts
Do you want to use GPOs -> what are you using now?
> * What advise would you give me?
Test, test, test. We tested in a view VMs and then We started the
conversion in a fresh VM 1 or two days before the planed downtime. We
stopped all password changes at that time. So our AD was up and running
closed of from the rest of the network and at the scheduled downtime we
just had to rejoin the member servers adapt the configs of the mail
server, webapps etc.
Worked very well. But we were careful to test everything before the
actual upgrade.
If you have more specific questions just ask. The list is very helpful.
And read this:
https://wiki.samba.org/index.php/Migrating_a_Samba_NT4_Domain_to_Samba_AD_(Classic_Upgrade)
and the parts about member servers on the wiki.
Regards
Christian
>
>
>
--
Dr. Christian Naumer
Research Scientist
Plattform-Koordinator Bioprozesstechnik
B.R.A.I.N Aktiengesellschaft
Darmstaedter Str. 34-36, D-64673 Zwingenberg
e-mail cn at brain-biotech.de, homepage www.brain-biotech.de
fon +49-6251-9331-30 / fax +49-6251-9331-11
Sitz der Gesellschaft: Zwingenberg/Bergstrasse
Registergericht AG Darmstadt, HRB 24758
Vorstand: Dr. Juergen Eck (Vorsitzender), Manfred Bender,
Ludger Roedder
Aufsichtsratsvorsitzender: Dr. Ludger Mueller
More information about the samba
mailing list