[Samba] Migrating SAMBA 3 NT4 domain to SAMBA 4 AD
K.R. Foley
kr at cybsft.com
Mon Aug 24 13:09:22 UTC 2020
On 2020-08-24 02:21, Rowland penny via samba wrote:
> On 24/08/2020 03:59, K. R. Foley via samba wrote:
>> Hi,
>>
>> We have an older Samba3 NT4 domain, which uses a TDB backend. We have
>> a variety of different versions of Windows clients. We need to migrate
>> to a Samba 4 AD domain. I have successfully tested the classic upgrade
>> on a new server in an isolated network, but I had to work through some
>> issues along the way. My understanding is that if the clients
>> communicate with the new AD DC, they will never be able to go back to
>> the NT4 domain. Is this correct? I am concerned about getting into an
>> all or nothing situation with no return path.
>>
>> Is there a way to:
>>
>> 1)convert the data on the new server using the classic upgrade
>>
>> 2) mount the Samba file systems via NFS on the new AD DC so that both
>> servers have access to the file systems
>>
>> 3) enable the new server and keep the existing Samba NT4 PDC active
>> simultaneously
>>
>> 4) migrate the client PCs gradually instead of all at once
>>
>> Any advice is greatly appreciated. Thanks.
>>
> Your problem would be that you would have two domains using the same
> SID, this would confuse the clients and if your clients contact the AD
> DC, they will ignore the PDC.
>
> You could try using different IP ranges for each domain, but even
> then, I think you will have problems unless you can physically
> separate the networks.
>
> If you cannot migrate the clients all at once, then ensure they can
> only see one domain, do not allow them to see the AD domain until they
> are disconnected from the PDC.
>
> Rowland
Thanks for your response and clarification.
Regarding the statement "they will ignore the PDC" above, is there
really no way to undo that?
kr
More information about the samba
mailing list