Hi Kris, The LDAP is in the new Samba4 box. We need to make sure the setup first fine before migrating to AD Regards, Praveen Ghimire -----Original Message----- From: samba [mailto:samba-bounces at lists.samba.org] On Behalf Of Kris Lou via samba Sent: Friday, 10 August 2018 3:16 PM To: samba at lists.samba.org Subject: Re: [Samba] LDAP SSL Why don't you import your LDAP database to the new Samba 4 VM and perform your classicupgrade there? Option 2 (bullet #2) of https://wiki.samba.org/index.php/Migrating_a_Samba_NT4_Domain_to_Samba_AD_(Classic_Upgrade)#LDAP This also has the added advantage of not touching your production environment until you're ready ... assuming that you segregate the VM for testing and such. Kris Lou klou at themusiclink.net -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba ______________________________________________________________________ This email has been scanned by the Symantec Email Security.cloud service. For more information please visit http://www.symanteccloud.com ______________________________________________________________________
On Fri, 10 Aug 2018 06:29:54 +0000 Praveen Ghimire via samba <samba at lists.samba.org> wrote:> Hi Kris, > > The LDAP is in the new Samba4 box. We need to make sure the setup > first fine before migrating to AD > >Wrong, you need to test the upgrade in a test environment before you carry out the classicupgrade for real. Do not in any circumstances allow ANY of your domain clients 'see' the new AD DC, once they do, there is no turning back, they will not connect to your old PDC again without totally re-installing the OS. I would clone your PDC and then use this for testing, but ensure this is not connected to your main network. Rowland
Hi Rowland, The test environment is totally isolated and we testing with images of the client machines. We're just trying to iron out any issues post the PDC role move. We have a small list we are going through. The SSL bit is one of them. Once the new environment is stable, we'll be migratingto AD. Regards, Praveen Ghimire -------- Original message -------- From: Rowland Penny via samba <samba at lists.samba.org> Date: 10/08/2018 6:01 PM (GMT+10:00) To: samba at lists.samba.org Subject: Re: [Samba] LDAP SSL On Fri, 10 Aug 2018 06:29:54 +0000 Praveen Ghimire via samba <samba at lists.samba.org> wrote:> Hi Kris, > > The LDAP is in the new Samba4 box. We need to make sure the setup > first fine before migrating to AD > >Wrong, you need to test the upgrade in a test environment before you carry out the classicupgrade for real. Do not in any circumstances allow ANY of your domain clients 'see' the new AD DC, once they do, there is no turning back, they will not connect to your old PDC again without totally re-installing the OS. I would clone your PDC and then use this for testing, but ensure this is not connected to your main network. Rowland -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba ______________________________________________________________________ This email has been scanned by the Symantec Email Security.cloud service. For more information please visit http://www.symanteccloud.com ______________________________________________________________________