I greatly appreciate the answers. Are of great value to me and to others who like me do not have much experience. Another question. :D I believe that we will use debian as distribution for the new Samba4. What I need to copy from the old to the new distro? On Sat, Dec 6, 2014 at 12:49 PM, Rowland Penny <rowlandpenny at googlemail.com> wrote:> On 06/12/14 14:32, Elias Pereira wrote: > >> Hello Marc, >> >> I appreciate your response, as well as the other members. Reading your >> answer, I believe I found what I wanted. Option 3, the principle is what I >> need right now. I'll try to explain. >> >> Today in production, we have the samba3 + openldap. The samba3 is >> installed >> on a freebsd, but has some problems that we can not detect. My boss does >> not want to drop the openldap now. We have discussed about it, and he does >> not want. :D >> >> Let's get this straight. What you say under option 3, can I upgrade to >> Samba4 and continue using openldap the same way we are using now, ie >> samba3 >> + openldap. Then would be, Samba4 (without AD DC) + openldap. Would that >> be? >> >> On Sat, Dec 6, 2014 at 11:56 AM, Marc Muehlfeld <mmuehlfeld at samba.org> >> wrote: >> >> Hello Elias, >>> >>> Am 06.12.2014 um 14:44 schrieb Elias Pereira: >>> >>>> We already have a Openldap in production, with a samba3. What I am >>>> >>> wanting >>> >>>> to do is install the Samba4, and still continue to use the "openldap" >>>> for >>>> authentication of users in various services that are operating. >>>> >>>> You think it's possible? >>>> >>> Depends on what your exact plan on this is. You're still not very >>> detailed. ;-) >>> >>> >>> >>> 1.) If you do the classicupgrade to Samba AD then all your workstations >>> will use the Samba AD for authentication. You have to turn off your >>> Samba PDC service then. Of course, you can keep the openLDAP to >>> authenticate other services against. But this is a separate database and >>> passwords won't change in openLDAP, if users do in AD. >>> >>> This would be a way for a slower migration to Samba AD and hooking up >>> the other services to AD afterwards (with the disadvantage of e. g. the >>> passwort situation). >>> >>> >>> >>> 2.) If you're having other services, that should not contact DCs >>> directly (like hosts in DMZ), you can use the openLDAP proxy >>> documentation from the Wiki. >>> >>> >>> >>> 3.) If you don't want/need to move to Samba AD, then simply upgrade as >>> usual and continue running Samba as NT4 PDC. Samba 4 doesn't require to >>> migrate to AD: >>> >>> https://wiki.samba.org/index.php/Updating_Samba#Common_ >>> misconceptions_about_Samba_4 >>> >>> >>> >>> If this doesn't answer you question, then please give a comprehensive >>> overview about your current setup, the setup you plan to get and about >>> your environment. This would make it easier to help, instead of >>> guessing. ;-) >>> >>> >>> >>> >>> Regards, >>> Marc >>> >>> >> >> > Hi, it might help if you read this: https://wiki.samba.org/index. > php/Samba_Readme_First > > > Note to Marc, can we put a link to this on main wiki page ? the page seems > to be protected. > > Rowland > > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba >-- Elias Pereira
On 06/12/14 16:12, Elias Pereira wrote:> I greatly appreciate the answers. Are of great value to me and to > others who like me do not have much experience. > > Another question. :D > > I believe that we will use debian as distribution for the new Samba4. > What I need to copy from the old to the new distro? > > On Sat, Dec 6, 2014 at 12:49 PM, Rowland Penny > <rowlandpenny at googlemail.com <mailto:rowlandpenny at googlemail.com>> wrote: > > On 06/12/14 14:32, Elias Pereira wrote: > > Hello Marc, > > I appreciate your response, as well as the other members. > Reading your > answer, I believe I found what I wanted. Option 3, the > principle is what I > need right now. I'll try to explain. > > Today in production, we have the samba3 + openldap. The samba3 > is installed > on a freebsd, but has some problems that we can not detect. My > boss does > not want to drop the openldap now. We have discussed about it, > and he does > not want. :D > > Let's get this straight. What you say under option 3, can I > upgrade to > Samba4 and continue using openldap the same way we are using > now, ie samba3 > + openldap. Then would be, Samba4 (without AD DC) + openldap. > Would that be? > > On Sat, Dec 6, 2014 at 11:56 AM, Marc Muehlfeld > <mmuehlfeld at samba.org <mailto:mmuehlfeld at samba.org>> > wrote: > > Hello Elias, > > Am 06.12.2014 um 14:44 schrieb Elias Pereira: > > We already have a Openldap in production, with a > samba3. What I am > > wanting > > to do is install the Samba4, and still continue to use > the "openldap" for > authentication of users in various services that are > operating. > > You think it's possible? > > Depends on what your exact plan on this is. You're still > not very > detailed. ;-) > > > > 1.) If you do the classicupgrade to Samba AD then all your > workstations > will use the Samba AD for authentication. You have to turn > off your > Samba PDC service then. Of course, you can keep the > openLDAP to > authenticate other services against. But this is a > separate database and > passwords won't change in openLDAP, if users do in AD. > > This would be a way for a slower migration to Samba AD and > hooking up > the other services to AD afterwards (with the disadvantage > of e. g. the > passwort situation). > > > > 2.) If you're having other services, that should not > contact DCs > directly (like hosts in DMZ), you can use the openLDAP proxy > documentation from the Wiki. > > > > 3.) If you don't want/need to move to Samba AD, then > simply upgrade as > usual and continue running Samba as NT4 PDC. Samba 4 > doesn't require to > migrate to AD: > > https://wiki.samba.org/index.php/Updating_Samba#Common_misconceptions_about_Samba_4 > > > > If this doesn't answer you question, then please give a > comprehensive > overview about your current setup, the setup you plan to > get and about > your environment. This would make it easier to help, > instead of > guessing. ;-) > > > > > Regards, > Marc > > > > > Hi, it might help if you read this: > https://wiki.samba.org/index.php/Samba_Readme_First > > > Note to Marc, can we put a link to this on main wiki page ? the > page seems to be protected. > > Rowland > > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba > > > > > -- > Elias PereiraIf you going to just update like for like on a new machine i.e. run samba4 in classic mode with OpenLDAP, then you will only really need the smb.conf (though this may require tweaking) and an ldif dump from your old ldap. Set up your new machine, set up samba, set up OpenLDAP and import your ldif and you should be good to go. However if your old machine is a PDC, then you will probably be better setting your new machine up as a BDC, then remove the PDC and make the BDC the PDC when everything is running ok. Rowland
Rowland, The *openldap* will be the same that is already working on our campus (technological courses). I have samba3 on a freebsd, but the samba4 I will switch to Debian. I believe that in addition to the *smb.conf*, I have to also copy the following folders: */etc/samba/* */var/lib/samba/* Proceeds? On Sat, Dec 6, 2014 at 2:23 PM, Rowland Penny <rowlandpenny at googlemail.com> wrote:> On 06/12/14 16:12, Elias Pereira wrote: > > I greatly appreciate the answers. Are of great value to me and to others > who like me do not have much experience. > > Another question. :D > > I believe that we will use debian as distribution for the new Samba4. > What I need to copy from the old to the new distro? > > On Sat, Dec 6, 2014 at 12:49 PM, Rowland Penny < > rowlandpenny at googlemail.com> wrote: > >> On 06/12/14 14:32, Elias Pereira wrote: >> >>> Hello Marc, >>> >>> I appreciate your response, as well as the other members. Reading your >>> answer, I believe I found what I wanted. Option 3, the principle is what >>> I >>> need right now. I'll try to explain. >>> >>> Today in production, we have the samba3 + openldap. The samba3 is >>> installed >>> on a freebsd, but has some problems that we can not detect. My boss does >>> not want to drop the openldap now. We have discussed about it, and he >>> does >>> not want. :D >>> >>> Let's get this straight. What you say under option 3, can I upgrade to >>> Samba4 and continue using openldap the same way we are using now, ie >>> samba3 >>> + openldap. Then would be, Samba4 (without AD DC) + openldap. Would that >>> be? >>> >>> On Sat, Dec 6, 2014 at 11:56 AM, Marc Muehlfeld <mmuehlfeld at samba.org> >>> wrote: >>> >>> Hello Elias, >>>> >>>> Am 06.12.2014 um 14:44 schrieb Elias Pereira: >>>> >>>>> We already have a Openldap in production, with a samba3. What I am >>>>> >>>> wanting >>>> >>>>> to do is install the Samba4, and still continue to use the "openldap" >>>>> for >>>>> authentication of users in various services that are operating. >>>>> >>>>> You think it's possible? >>>>> >>>> Depends on what your exact plan on this is. You're still not very >>>> detailed. ;-) >>>> >>>> >>>> >>>> 1.) If you do the classicupgrade to Samba AD then all your workstations >>>> will use the Samba AD for authentication. You have to turn off your >>>> Samba PDC service then. Of course, you can keep the openLDAP to >>>> authenticate other services against. But this is a separate database and >>>> passwords won't change in openLDAP, if users do in AD. >>>> >>>> This would be a way for a slower migration to Samba AD and hooking up >>>> the other services to AD afterwards (with the disadvantage of e. g. the >>>> passwort situation). >>>> >>>> >>>> >>>> 2.) If you're having other services, that should not contact DCs >>>> directly (like hosts in DMZ), you can use the openLDAP proxy >>>> documentation from the Wiki. >>>> >>>> >>>> >>>> 3.) If you don't want/need to move to Samba AD, then simply upgrade as >>>> usual and continue running Samba as NT4 PDC. Samba 4 doesn't require to >>>> migrate to AD: >>>> >>>> >>>> https://wiki.samba.org/index.php/Updating_Samba#Common_misconceptions_about_Samba_4 >>>> >>>> >>>> >>>> If this doesn't answer you question, then please give a comprehensive >>>> overview about your current setup, the setup you plan to get and about >>>> your environment. This would make it easier to help, instead of >>>> guessing. ;-) >>>> >>>> >>>> >>>> >>>> Regards, >>>> Marc >>>> >>>> >>> >>> >> Hi, it might help if you read this: >> https://wiki.samba.org/index.php/Samba_Readme_First >> >> >> Note to Marc, can we put a link to this on main wiki page ? the page >> seems to be protected. >> >> Rowland >> >> -- >> To unsubscribe from this list go to the following URL and read the >> instructions: https://lists.samba.org/mailman/options/samba >> > > > > -- > Elias Pereira > > > If you going to just update like for like on a new machine i.e. run samba4 > in classic mode with OpenLDAP, then you will only really need the smb.conf > (though this may require tweaking) and an ldif dump from your old ldap. Set > up your new machine, set up samba, set up OpenLDAP and import your ldif and > you should be good to go. However if your old machine is a PDC, then you > will probably be better setting your new machine up as a BDC, then remove > the PDC and make the BDC the PDC when everything is running ok. > > Rowland >-- Elias Pereira