On Tue, 2018-02-20 at 18:11 +1000, Rob Thoman via samba wrote:
> Hi Guys,
> Have not had any feedback on this. I found the following article but not sure if it is valid
>
> Here is what we are planning, high level
> Phase1:
>
> - Add a new Samba 4 server (VM in a new hardware). Join it to the existing domain
> - Promote this server as DC in the Samba 3 environment,
> - Migrate the DNS, DHCP from Samba 3 to Samba 4 server
> - Demote the old Samba box as Domain Controller, leave the Shares in the old server
>
> Phase2:
> - Take a copy of the new samba DC VM and test NT4 to AD migration using the classic upgrade
>
> The urgency is to get Phase1 done but Phase2 is approved.
>
> What we would like to know if conceptually the above makes sense and is doable? The bit we are not very sure about is Adding the BDC and demoting the PDC. Any suggestions will be appreciated.

Sounds good to me. For the Samba 'classic/nt4-like' mode just removing the 'domain master = no' makes it a PDC. You can even have multiple PDCs as long as they can't see each other over netbios, the protocol is so simple it doesn't really matter (unlike AD).

Andrew Bartlett

> Thank you.
>
> RT

--
Andrew Bartlett                       http://samba.org/~abartlet/
Authentication Developer, Samba Team  http://samba.org
Samba Developer, Catalyst IT          http://catalyst.net.nz/services/samba

Hi Andrew,
Thank you for that. So it doesn't matter if I have TDB as my DB? Also, how do I replicate the data? Copy and paste? /vat/lib/samba, /private, passwd and group files?

On Tue, Feb 20, 2018 at 8:02 PM, Andrew Bartlett <abartlet at samba.org> wrote:
> On Tue, 2018-02-20 at 18:11 +1000, Rob Thoman via samba wrote:
> > Hi Guys,
> > Have not had any feedback on this. I found the following article but not sure if it is valid
> >
> > Here is what we are planning, high level
> > Phase1:
> >
> > - Add a new Samba 4 server (VM in a new hardware). Join it to the existing domain
> > - Promote this server as DC in the Samba 3 environment,
> > - Migrate the DNS, DHCP from Samba 3 to Samba 4 server
> > - Demote the old Samba box as Domain Controller, leave the Shares in the old server
> >
> > Phase2:
> > - Take a copy of the new samba DC VM and test NT4 to AD migration using the classic upgrade
> >
> > The urgency is to get Phase1 done but Phase2 is approved.
> >
> > What we would like to know if conceptually the above makes sense and is doable? The bit we are not very sure about is Adding the BDC and demoting the PDC. Any suggestions will be appreciated.
>
> Sounds good to me. For the Samba 'classic/nt4-like' mode just removing the 'domain master = no' makes it a PDC. You can even have multiple PDCs as long as they can't see each other over netbios, the protocol is so simple it doesn't really matter (unlike AD).
>
> Andrew Bartlett
>
> > Thank you.
> >
> > RT
> --
> Andrew Bartlett                       http://samba.org/~abartlet/
> Authentication Developer, Samba Team  http://samba.org
> Samba Developer, Catalyst IT          http://catalyst.net.nz/services/samba

Hi Andrew,
I've set up a new Samba 4 box (sam4dc) on Ubuntu 14.04 with Samba 4.3.11. I have the following. Just to clarify, sam3DC is the current DC with samba 3.6.3.

smb.conf

    [global]
    workgroup = STEST
    netbios name = Sam4DC
    password server = Sam3DC (This is the current DC)
    security = user

resolv.conf

    nameserver = 192.168.10.1 (IP of Sam3DC)

I can ping the sam3dc from the sam4dc box using fqdn. When I try to join sam4dc into stest domain I get:

    net rpc join -U dadmin
    cannot join as standalone machine

If I add the server role = member server, I get the same error message. If I add the security = domain, it asks me DO you really want to join an Active Directory Domain. If I put the password in, I get

    smb_signing_good: BAD SIG : seq 1

Do I copy the smb.conf file from sam3dc and change the bit about domain master = no? Or do I have to join the machine to the domain as DC using server role = DC in smb.conf?

Thank you
RT

On Tue, Feb 20, 2018 at 8:29 PM, Rob Thoman <emailthomasrob at gmail.com> wrote:
> Hi Andrew,
> Thank you for that. So it doesn't matter if I have TDB as my DB? Also, how do I replicate the data? Copy and paste? /vat/lib/samba, /private, passwd and group files?
>
> On Tue, Feb 20, 2018 at 8:02 PM, Andrew Bartlett <abartlet at samba.org> wrote:
>
>> On Tue, 2018-02-20 at 18:11 +1000, Rob Thoman via samba wrote:
>> > Hi Guys,
>> > Have not had any feedback on this. I found the following article but not sure if it is valid
>> >
>> > Here is what we are planning, high level
>> > Phase1:
>> >
>> > - Add a new Samba 4 server (VM in a new hardware). Join it to the existing domain
>> > - Promote this server as DC in the Samba 3 environment,
>> > - Migrate the DNS, DHCP from Samba 3 to Samba 4 server
>> > - Demote the old Samba box as Domain Controller, leave the Shares in the old server
>> >
>> > Phase2:
>> > - Take a copy of the new samba DC VM and test NT4 to AD migration using the classic upgrade
>> >
>> > The urgency is to get Phase1 done but Phase2 is approved.
>> >
>> > What we would like to know if conceptually the above makes sense and is doable? The bit we are not very sure about is Adding the BDC and demoting the PDC. Any suggestions will be appreciated.
>>
>> Sounds good to me. For the Samba 'classic/nt4-like' mode just removing the 'domain master = no' makes it a PDC. You can even have multiple PDCs as long as they can't see each other over netbios, the protocol is so simple it doesn't really matter (unlike AD).
>>
>> Andrew Bartlett
>>
>> > Thank you.
>> >
>> > RT
>> --
>> Andrew Bartlett                       http://samba.org/~abartlet/
>> Authentication Developer, Samba Team  http://samba.org
>> Samba Developer, Catalyst IT          http://catalyst.net.nz/services/samba

On Tue, 2018-02-20 at 20:29 +1000, Rob Thoman wrote:
> Hi Andrew,
> Thank you for that. So it doesn't matter if I have TDB as my DB? Also, how do I replicate the data? Copy and paste? /vat/lib/samba, /private, passwd and group files?

I did assume you were using LDAP. If you just copy the data then you will naturally not get any updates as there is no replication protocol, so it is less of a BDC and more of a migration route.

Andrew Bartlett

--
Andrew Bartlett                       http://samba.org/~abartlet/
Authentication Developer, Samba Team  http://samba.org
Samba Developer, Catalyst IT          http://catalyst.net.nz/services/samba
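
Added example, not part of the original thread and not Samba code: a simplified model of the role selection described above for 'classic/nt4-like' mode, applied to the [global] section quoted in the thread. The rule set (security defaulting to user, 'domain master' defaulting to auto, 'server role' left unset) and the 'domain logons' lines in the samples are assumptions; `testparm` on the real host is the authoritative check.

```python
# Added example: simplified model (an assumption, not Samba source code) of how
# classic-mode Samba picks its role when 'server role' is left at the default.

def parse_global(text):
    """Return the [global] parameters of an smb.conf as a lower-cased dict."""
    params, section = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;":
            continue  # blank line or comment
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1].strip().lower()
        elif section == "global" and "=" in line:
            key, value = line.split("=", 1)
            params[" ".join(key.lower().split())] = value.strip().lower()
    return params

def _yes(value):
    return value in ("yes", "true", "1", "on")

def classic_role(params):
    """Derive the role from security / domain logons / domain master."""
    if params.get("security", "user") in ("domain", "ads"):
        return "member server"
    if not _yes(params.get("domain logons", "no")):
        return "standalone"
    master = params.get("domain master", "auto")
    # 'auto' follows 'domain logons', so leaving the line out yields a PDC.
    return "PDC" if master == "auto" or _yes(master) else "BDC"

# Constructed samples. POSTED mirrors the [global] section quoted in the thread.
POSTED = """[global]
workgroup = STEST
netbios name = Sam4DC
password server = Sam3DC
security = user
"""
BDC = POSTED + "domain logons = yes\ndomain master = no\n"
PDC = POSTED + "domain logons = yes\n"

def roles():
    return {name: classic_role(parse_global(conf))
            for name, conf in (("posted", POSTED), ("bdc", BDC), ("pdc", PDC))}

if __name__ == "__main__":
    for name, role in roles().items():
        print(f"{name:7s} -> {role}")
```

In this model the posted configuration resolves to standalone, the state named in the `net rpc join` message quoted in the thread, and the only difference between the BDC and PDC samples is the 'domain master = no' line.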