Ricardo Pardim Claus
2016-Jul-09 11:03 UTC
[Samba] Compatibility with Windows Server 2012 R2
Dear Marc,In the field we have only simple objects (GPO desktop, file server,
users and groups).In total, there are approximately 100 desktops +120 users.
Only one site.
How to create a new domain in the Samba with the same SID of the current domain?
So I could create a new DC with the same domain and SID, and import objects
(users and desktops accounts).
De: Marc Muehlfeld <mmuehlfeld at samba.org>
Para: Ricardo Pardim Claus <ricardo.claus at yahoo.com.br>; "samba
at lists.samba.org" <samba at lists.samba.org>
Enviadas: Sábado, 9 de Julho de 2016 6:21
Assunto: Re: [Samba] Compatibility with Windows Server 2012 R2
Am 08.07.2016 um 19:36 schrieb Ricardo Pardim Claus:>> Microsoft's AD schemas later than version 47 are currently
incompatible
>> with Samba AD DCs.
>
> Confirmed here, the AD schema is at version 69.
> Other settings: Domain Level and Forest Functional Level
> could downgrade to Windows 2008.
> We need to replace this DC MS by Samba, but keeping
> the same domain.
* What size is your domain (users, machines, number of sites, etc.)?
* Are only the plain AD objects in the directory or any other stuff, too
(additional attributes, Exchange, etc.)?
Maybe the amount of work is acceptable to provision the domain from
scratch? Otherwise you have to provision a new domain in Samba with the
same domain SID (do we have an option for that??) and find some tools to
export/import all user/group/machine objects that work with Samba AD and
MS AD.
Regards,
Marc
Hello Ricardo, Am 09.07.2016 um 13:03 schrieb Ricardo Pardim Claus:> Dear Marc,In the field we have only simple objects > (GPO desktop, file server, users and groups). > In total, there are approximately 100 desktops +120 users. > Only one site. How to create a new domain in > the Samba with the same SID of the current domain?# samba-tool domain provision --help ... --domain-sid=SID> So I could create a new DC with the same domain and SID, > and import objects (users and desktops accounts).Theoretically it's possible, but I've never tried it. At the moment I don't have suggestion for a tool that exports everything that is important (e. g. accounts incl. passwords, etc.). If you were sucessful it's worth publishing the steps. :-) Regards, Marc
Ricardo Pardim Claus
2016-Jul-10 11:57 UTC
[Samba] Compatibility with Windows Server 2012 R2
I had joined the Samba as a secondary DC. At first he imported all (accounts, groups, users and gpo).I can see all the objects that were imported. But the version of Schema Samba came as 69. The errors that I notice is regarding DNS and ForestDNS synchronization.It seems that the error is displayed when you synchronize Samba for Windows. When Windows to Samba, the commands do not return error.>From this scenario (Samba with imported objects), even with the Schema version 69, you have another idea or tip so I can study the complete migration of the main DC to Samba?De: Marc Muehlfeld <mmuehlfeld at samba.org> Para: Ricardo Pardim Claus <ricardo.claus at yahoo.com.br>; "samba at lists.samba.org" <samba at lists.samba.org> Enviadas: Sábado, 9 de Julho de 2016 12:20 Assunto: Re: [Samba] Compatibility with Windows Server 2012 R2 Hello Ricardo, Am 09.07.2016 um 13:03 schrieb Ricardo Pardim Claus:> Dear Marc,In the field we have only simple objects > (GPO desktop, file server, users and groups). > In total, there are approximately 100 desktops +120 users. > Only one site. How to create a new domain in > the Samba with the same SID of the current domain?# samba-tool domain provision --help ... --domain-sid=SID> So I could create a new DC with the same domain and SID, > and import objects (users and desktops accounts).Theoretically it's possible, but I've never tried it. At the moment I don't have suggestion for a tool that exports everything that is important (e. g. accounts incl. passwords, etc.). If you were sucessful it's worth publishing the steps. :-) Regards, Marc