[Samba] Samba migration to AD

Trenta sis trenta.sis at gmail.com
Fri Sep 8 06:32:34 UTC 2023 

Hi,

With 4.4.x I understand that is supported to migrate to a W2008R2 with
wiki articles to join as DC?
Thanks

Missatge de Trenta sis <trenta.sis at gmail.com> del dia ds., 2 de set.
2023 a les 9:43:
>
> Hi Andrew,
>
> Thanks for you information!
>
> I understand that Samba 4.4.x that is shcema2008r2, if you make a join
> 2008r2 to samba 4.4.x and then transfer rols to 2008R2 (how?) and
> finally despromote will migrate Ad object -users, computers-, DNS,
> then manually migrate netlogon and gpo manually, will work?
>
> And after that with a native 2008R2, usual steps will allow to migrate
> to latest AD and schema, as MS describes to migrate 2008 to
> 2016/2019/2022
>
> Is this correct or any additional steps required?
>
> Thanks
>
> Missatge de Andrew Bartlett <abartlet at samba.org> del dia dj., 31 d’ag.
> 2023 a les 23:21:
> >
> > Not really answering your question, but as context:
> >
> > For a period of time, newer windows versions refused to join to Samba,
> > as they used a WMI method (which we don't support, being DCOM) to work
> > out what version we were.
> >
> > We told MS, and they fixed that, which was nice of them.
> >
> > Since then, we have also worked around the issue by being able to
> > increase our functional level preparation (which was part of the
> > blocker), and indeed now claim (not finished, but claim enough for the
> > migration) to be FL 2012 and FL 2016.
> >
> > I certainly would first do an in-place or network-join upgrade of Samba
> > to as new as version as your systems can support.
> >
> > Andrew Bartlett
> >
> > On Thu, 2023-08-31 at 23:13 +0200, Trenta sis via samba wrote:
> > > Thanks on wiki appears
> > > https://wiki.samba.org/index.php/Joining_a_Windows_Server_2008_/_2008_R2_DC_to_a_Samba_AD
> > >
> > >  I understand that this can be used to migrate fist 2008r2 and the to
> > > newer versions windows?
> > > Any special requirement for initial join between 2008r2 and samba
> > > (specific min version required to allow this join?)
> > >
> > > Anybody has migrated with a successful result?
> > >
> > > Thanks
> > >
> > > Missatge de Fabio Fantoni <
> > > fabio.fantoni at m2r.biz
> > > > del dia dl., 28
> > > d’ag. 2023 a les 13:38:
> > > > Il 27/08/2023 14:01, Trenta sis via samba ha scritto:
> > > > > Hi,
> > > > >
> > > > > I need to evaluate a migration of two samba DC to a native AD
> > > > > controller, reading wiki, appear that can join to windows 2008,
> > > > > but I
> > > > > can't find a full complete migration steps, anybody has
> > > > > experience
> > > > > about this migration from samba 4.4.5 to AD DC?
> > > > > What are the key on this migration?
> > > > >
> > > > > Thanks!
> > > > >
> > > >
> > > > Hi, I did some tests in latest years to migrate domains with samba
> > > > AD
> > > > domain controllers to windows AD domain controller.
> > > >
> > > > Near all tests was adding windows 2008R2 before but all failed,
> > > > tried to
> > > > follow some different howtos (major part is near the same) but
> > > > windows
> > > > always fails to complete the first synchronization and even if I
> > > > enabled
> > > > and synced SYSVOL manually the issue on windows persist and also
> > > > trying
> > > > to force remove of samba DC and add other windows DC I've never
> > > > been
> > > > able to get a consistent one (of windows DC).
> > > >
> > > > small note, before there is to create two attributes
> > > > msDS-SDReferenceDomain in the "cn=configuration" (not all howto
> > > > tell
> > > > them), in this for example that is also a script to do easy (is
> > > > possible
> > > > to do also manually with "ADSI edit" from windows tools like what I
> > > > did):
> > > >
> > > > https://samba.tranquil.it/doc/en/samba_advanced_methods/samba_add_windows_active_directory.html
> > > >
> > > >
> > > > now that next samba version (4.19) add more functionality about
> > > > domain
> > > > feature level I also tried to increase it for try adding directly
> > > > windows 2012r2 and windows 2019 servers, but I had 2 errors for
> > > > now, one
> > > > reported and fixed and one report just now (however this is quite
> > > > normal
> > > > with new version still in "rc" and a newly added feature, FL 2016
> > > > is
> > > > also partial). I think issues samba side can be solved,it's just a
> > > > matter of time, what which unfortunately are more difficult are the
> > > > windows ones.
> > > >
> > > > Has anyone had success migrating from samba to windows and know how
> > > > to
> > > > troubleshoot the windows DCs issue? I have not been able to find a
> > > > solution from online research and I have tried in many ways, now I
> > > > just
> > > > have to try with higher domain feature level on more recent windows
> > > > servers
> > > >
> > > > thanks for any reply and sorry for my bad english
> > > >
> > > >
> > > > --
> > > > Questa email è stata esaminata alla ricerca di virus dal software
> > > > antivirus Avast.
> > > > www.avast.com
> > > >
> > --
> > Andrew Bartlett (he/him)       https://samba.org/~abartlet/
> > Samba Team Member (since 2001) https://samba.org
> > Samba Team Lead                https://catalyst.net.nz/services/samba
> > Catalyst.Net Ltd
> >
> > Proudly developing Samba for Catalyst.Net Ltd - a Catalyst IT group
> > company
> >
> > Samba Development and Support: https://catalyst.net.nz/services/samba
> >
> > Catalyst IT - Expert Open Source Solutions
> >

More information about the samba mailing list