Hi, I have been using Samba3 (and 2) for years, with an openLDAP backend for authentication. This is working fine, my directory includes a number of local settings for my specific needs. Now I would like to move to Samba4. I understand that Samba4 comes with its own DNS and LDAP servers. By provisioning Samba4 with --dns-backend=NONE and including the necessary to my existing DNS zone, is that enough to get rid of the DNS server included with Samba4? What kind of updates does Samba need to perform to DNS? The one at the provisioning and the machine name that join the domain (this is already taken care of by DHCP). Is there anything I oversee? Now regarding LDAP, is there a way to tell Samba to replicate the directory from my existing openLDAP? Best regards, Olivier --
Hi Olivier, I had a similar situation for many of my clients, and I am not anywhere near the end of it yet. I can offer some of my experience though. The upgrade procedure is documented in https://wiki.samba.org/index.php/Samba4/samba-tool/domain/classicupgrade/HOWTO and I ended up using --dns-backend=BIND9_DLZ. If you want to set up an AD domain controller then DNS is really important. As far as the other ldap things, the classic upgrade does not pull in anything that doesn't have samba attributes. I ended up creating some things from scratch after the fact. Sent from my iPhone On 06/08/2013, at 7:08 PM, Olivier Nicole <Olivier.Nicole at cs.ait.ac.th> wrote:> > Hi, > > I have been using Samba3 (and 2) for years, with an openLDAP backend for > authentication. This is working fine, my directory includes a number of > local settings for my specific needs. > > Now I would like to move to Samba4. > > I understand that Samba4 comes with its own DNS and LDAP servers. > > By provisioning Samba4 with --dns-backend=NONE and including the > necessary to my existing DNS zone, is that enough to get rid of the DNS > server included with Samba4? What kind of updates does Samba need to > perform to DNS? The one at the provisioning and the machine name that > join the domain (this is already taken care of by DHCP). Is there > anything I oversee? > > Now regarding LDAP, is there a way to tell Samba to replicate the > directory from my existing openLDAP? > > Best regards, > > Olivier > > > -- > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba
On 08/06/2013 02:08 AM, Olivier Nicole wrote:> Hi, > > I have been using Samba3 (and 2) for years, with an openLDAP backend for > authentication. This is working fine, my directory includes a number of > local settings for my specific needs. > > Now I would like to move to Samba4. > > I understand that Samba4 comes with its own DNS and LDAP servers. > > By provisioning Samba4 with --dns-backend=NONE and including the > necessary to my existing DNS zone, is that enough to get rid of the DNS > server included with Samba4?Well you can use the bind-dlz plugins so that samba use bind instead of its own internal server. Another option is to configure your global DNS to use Samba as the source of authority just for the domain of your AD.> What kind of updates does Samba need to > perform to DNS? The one at the provisioning and the machine name that > join the domain (this is already taken care of by DHCP). Is there > anything I oversee? > > Now regarding LDAP, is there a way to tell Samba to replicate the > directory from my existing openLDAP?No. Our LDAP Server support schema upgrade so if the stuff that you have in your OL has a schema that is compatible to Samba you can update Samba's schema and then load the data by export/import in Samba. Another way of doing is by using overlays in OL to present in the desired way the information coming from both OL and Samba 4. Matthieu.> > Best regards, > > Olivier > >-- Matthieu Patou Samba Team http://samba.org