Juan Ignacio
2022-Nov-23 03:01 UTC
[Samba] Migrate and Update (Samba 4.1 ADDC to Samba Latest Version on different Server).
> > Tried connect LDAP to the new Server but for some reason didnt, work. > > Checked ports and seems them are listening on the New server. > > I used the same credentials and setup i used with the old samba 4.1 server. > > Anyowone knows if something changes about Samba LDAP or maybe if im > missing something. > > Thx in advance. >About the LDAP. Seems the new samba requires strong auth by default, i changed the value on smb.conf and now I can connect using the new server. If someone knows how can i use strong auth and connect could be good for security reasons, I looked around the web but didn't find good info about samba and this. Thx. El mar, 22 nov 2022 a las 18:36, Juan Ignacio (<juan.ignacio.pazos at gmail.com>) escribi?:> Tried connect LDAP to the new Server but for some reason didnt, work. > > Checked ports and seems them are listening on the New server. > > I used the same credentials and setup i used with the old samba 4.1 server. > > Anyowone knows if something changes about Samba LDAP or maybe if im > missing something. > > Thx in advance. > > El lun, 21 nov 2022 16:25, Juan Ignacio <juan.ignacio.pazos at gmail.com> > escribi?: > >> Man, you don't know how happy i?m, i really thank you for your help.? ? ? >> ? >> Long time waiting to do that for more than 3 years, you guys are awesome. >> It Is incredible the things you improved on Samba, I remember when I >> compile samba 4 coming from 3 building it from sources because no >> repositories and I needed an ad dc, now everything looks so smart. >> Can't wait to play with this new server. >> >> Wanna ask a few more things..to be sure i don't break anything.:-) >> >> *About Member servers who joined the olddc.* >> >> The new server already knows that these computers are joined? >> For example one of the file servers, the new server authenticates them >> even if the old server is not online? >> >> *About Roaming Profiles.* >> >> On the old server I have some users who login and use Roaming Profiles on >> windows, on the new server looking at the /etc/samba/smb.conf didn't see >> any shares about Roaming Profiles. >> I need to make that share and migrate them to one of the file servers? >> How can i add a share on a different samba member on smb.conf, is this >> possible and correct? >> >> *About smb.conf differences between dc1 and dc2.* >> >> I have this options on samba config on the old server, I remember when we >> did it with you because this server also works as file server. >> The new server DC2 isn't resolving dns but I'm interested in that or >> maybe any other suggestion. >> >> Another thing is, I don't know how winbind works now, how we list the >> users and group on different servers on linux? >> >> workgroup = MIDOMAIN >> realm = mydomain.org >> netbios name = DC1 >> server role = active directory domain controller >> dns forwarder = 200.40.220.245 >> allow dns updates = nonsecure and secure >> #server services = rpc, nbt, wrepl, ldap, cldap, kdc, drepl, >> winbind, ntp_signd, kcc, dnsupdate, dns, smb >> dcerpc endpoint servers = epmapper, wkssvc, rpcecho, samr, >> netlogon, lsarpc, spoolss, drsuapi, dssetup, unixinfo, browser, eventlog6, >> backupkey, dnsserver, winreg, srvsvc >> server services = s3fs, rpc, nbt, wrepl, ldap, cldap, kdc, >> drepl,winbind, ntp_signd, kcc, dnsupdate, dns >> idmap_ldb:use rfc2307 = yes >> #winbind use default domain = yes >> winbind enum users = yes >> winbind enum groups = yes >> #winbind nested groups = yes >> log level = 3 >> log file = /var/log/samba/samba.log >> # unix charset = ISO8859-1 >> >> >> *About the Samba 4.16 replication.* >> >> Far time ago, replication was pretty cryptic for samba 4.1, now i don't >> know how the new server get the info from the old one. >> How the new server has all the info and what happens when the primary >> ac-dc fails. >> Can you help me to understand a bit or send me some info about how this >> works. >> >> Thx for everything you did for me, I hope this thread helps someone else >> too in the future. >> >> Juan. >> >> >> >> El lun, 21 nov 2022 a las 14:36, Rowland Penny via samba (< >> samba at lists.samba.org>) escribi?: >> >>> >>> >>> On 21/11/2022 16:03, Juan Ignacio via samba wrote: >>> > Seems it looks good.. >>> > After Provision... >>> >>> No, it looks good after the domain join. ;-) >>> >>> Rowland >>> >>> -- >>> To unsubscribe from this list go to the following URL and read the >>> instructions: https://lists.samba.org/mailman/options/samba >>> >>
Michael Tokarev
2022-Nov-23 05:12 UTC
[Samba] Migrate and Update (Samba 4.1 ADDC to Samba Latest Version on different Server).
23.11.2022 06:01, Juan Ignacio via samba wrote: ..> About the LDAP. > > Seems the new samba requires strong auth by default, i changed the value on > smb.conf and now I can connect using the new server.Which value did you change?> If someone knows how can i use strong auth and connect could be good for > security reasons, I looked around the web but didn't find good info about > samba and this.Thanks, /mjt