[Samba] accessing foreign AD users to NT domain
Rowland penny
rpenny at samba.org
Mon Aug 24 14:32:58 UTC 2020
On 24/08/2020 15:02, Piviul via samba wrote:
> Hi all, I'm planning to migrate a NT domain to a AD domain. Someone
> suggested me to create a new AD domain,
Who was this 'someone' ? I ask because the correct way of doing this is
to run 'samba-tool domain classicupgrade', we even have a wikipage:
https://wiki.samba.org/index.php/Migrating_a_Samba_NT4_Domain_to_Samba_AD_(Classic_Upgrade)
> then add manually users to AD with the same username and password of
> the NT domain and then join every PC to the new AD domain. This way
> the migration should be flawlessly because in a windows network a user
> can works on foreign resources (resources that are shared from server
> joined to other domains) if he shares same username and password. On
> my network that's doesn't seems to works.
Your users and groups in your new AD domain are not the same users and
groups as in your old NT4-style domain.
>
> I have a samba3 (4.1.17-Debian) NT domain, I have a new AD domain
> (4.10.4) and I have a user in AD domain with the same credentials in
> the NT domain. I have joined a windows PC to the AD domain and when
> the user logon to the PC he can successfully works on all pc/server
> _windows_ shares joined to NT domain but can't on _samba_ shares
> joined to the NT domain.
Just because they use the same password does not make them the same user.
>
> Please can someone help me to troubleshoot the problem?
Yes, stop listening to spurious people who have never done the upgrade
and follow our documentation ;-)
Rowland
More information about the samba
mailing list