[Samba] Migration 3.5 to 4.x, realm identical to domain

Rowland Penny rpenny at samba.org
Wed Jun 1 08:29:14 UTC 2022

On Wed, 2022-06-01 at 08:59 +0200, Philippe Maladjian wrote:
> That's exactly what I do. I copied the VM from my samba 3.5 and
> created a VM of a user station, all placed in a dedicated network
> that does not communicate with the prod network. After adding the VM
> pc to the domain at 3.5 test, I make several connection/disconnection
> attempts to make sure that the rights management works correctly.
> To perform the migration by changing the domain name I should follow
> this procedure:
> - take the test pc out of the domain;

If by 'pc' you mean the Samba PDC, then yes, but I would 'clone' it and
then place this on a separate subnet that isn't connected to your
production network.

> - stop samba;
> - change the workgroup name in smb.conf;

You will also need to change the dns domain

> - modify LDAP data by replacing the old domain (dom.mondomain) with
> the new one (nomrue205);
> - restart samba;
> - reintegrate the test pc.

No, not unless you want to destroy your production domain. Do all your
testing away from the production domain.

> Won't I encounter a problem with user and machine SIDs?

No, because, provided you change all mention of the old
workgroup/Netbios domain name (DOM.MONDOMAIN) with the new one, the SID
will then point to the new Netbios domain name on the clone.


More information about the samba mailing list