[Samba] Migrate from one server (samba3) to a new one (samba4)
André Guilhon
I'm thinking of installing a fresh version of samba 4, into a fresh server.
I've read the docs, I know I should use samba-tool with classic upgrade
option and stuff. The fact is that my original server is almost dead (not
really, but..), and using ldapsam as Password backend and I want to migrate
it to a new server using AD, and could not find how to do it!
As a matter of fact, I would only need to migrate the users! Is there a way
to do it? I saw I can use a different network interface, but could not find
a way to change the original server! Any thoughts on that?
Thank you!
*André Guilhon*
Tecnologia da Informação
*(48) 3251.1915 / 8416.00...@meninojesus.com.br
<an...@meninojesus.com.br>*
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
Marc Muehlfeld
Am 05.06.2014 21:26, schrieb André Guilhon:
> I'm thinking of installing a fresh version of samba 4, into a fresh server.
> I've read the docs, I know I should use samba-tool with classic upgrade
> option and stuff. The fact is that my original server is almost dead (not
> really, but..), and using ldapsam as Password backend and I want to migrate
> it to a new server using AD, and could not find how to do it!
> As a matter of fact, I would only need to migrate the users! Is there a way
> to do it? I saw I can use a different network interface, but could not find
> a way to change the original server! Any thoughts on that?
If you want to do the classicupgrade on a new host, then simply shutdown
Samba on the old server and copy the databases listed in the Howto and
your smb.conf + /etc/group to the new server. Migrating from tdbsam is
quite simple. Nothing more should be needed.
Then install Samba and do the classicupgrade on the new host. It's all
described here, what you need:
https://wiki.samba.org/index.php/Samba_Classic_Upgrade_%28NT4-style_domain_to_AD%29
If you have any specific questions or problems, just ask.
Regards,
Marc
André Guilhon
and the tdbs to the new server, but I could not get it to connect to the
old server to require the users in LDAP database!
If I copy the /etc/groups it will work?
*André Guilhon*
Tecnologia da Informação
*(48) 3251.1915 / 8416.00...@meninojesus.com.br
<an...@meninojesus.com.br>*
Sonic
> If you want to do the classicupgrade on a new host, then simply shutdown
> Samba on the old server and copy the databases listed in the Howto and
> your smb.conf + /etc/group to the new server. Migrating from tdbsam is
> quite simple. Nothing more should be needed.
In a current environment I would like the AD to have a different
hostname so I can continue to run the old DC as a member server for
file/printer sharing. Can this be done? Is it fairly straightforward?
Thanks,
Chris
Marc Muehlfeld
> Hey Marc. Even if I use LDAP for users? I've already copied the smb.conf
> and the tdbs to the new server, but I could not get it to connect to the
> old server to require the users in LDAP database!
> If I copy the /etc/groups it will work?
Ups. Sorry. I read you use tdbsam instead of ldap. In that case you
don't need to transfer the /etc/group.
If your new DC will have a different IP, then you can temporary keep
your LDAP on your old host running. You only have to make sure, that in
your smb.conf, you've copied to the new host, there's the IP of you LDAP
server. Then the classicupgrade is done on the new host and the
users/groups are taken from your old LDAP via network. And afterwards,
you shutdown your old server completely.
If your new DC should get the same IP than the old one, then simply give
the old one temporary a different IP. You only need it get users/groups
from during the classicupgrade. Or you install LDAP on your new DC
temporary and move everything. But this will be more work.
Marc Muehlfeld
> On Thu, Jun 5, 2014 at 3:33 PM, Marc Muehlfeld <mmueh...@samba.org> wrote:
>> If you want to do the classicupgrade on a new host, then simply shutdown
>> Samba on the old server and copy the databases listed in the Howto and
>> your smb.conf + /etc/group to the new server. Migrating from tdbsam is
>> quite simple. Nothing more should be needed.
>
> Aren't the users and machine accounts in /etc/passwd also needed?
you don't need /etc/group, as well. Then everything is taken from LDAP.
I'm not 100% sure about your passwd question. The users are taken from
the Samba backend. But I'm not sure at the moment, if tdbsam stores the
UIDs and homepath, too. If it does, then passwd would not be necessary.
Maybe if not, then the new users get only Windows (SID, etc.) accounts -
what is no problem if you don't require UIDs, etc. for unix services and
only have pure Windows users.
Let me give this a try this evening in my test environment. If it's
required, I'll fix this in the HowTo.
> In a current environment I would like the AD to have a different
> hostname so I can continue to run the old DC as a member server for
> file/printer sharing. Can this be done? Is it fairly straightforward?
the old PDC. Then do the upgrade.
And afterwards, change the PDCs smb.conf to a Member Server and join it
to the domain.
You only have to make sure, that the old PDC doesn't come up any more as
PDC.
Regards,
Marc
André Guilhon
Just a last stupid (maybe!) question... If I do that, I have to immediately
power down the old server? I mean, if I want to maintain the old server
running, doing all the work, for some time, while I test the new server, is
it possible? The docs say that the old server will stop working! Is it true
even if I'm switching machines, domain names and stuff?
Thank you again!!
*André Guilhon*
Tecnologia da Informação
*(48) 3251.1915 / 8416.00...@meninojesus.com.br
<an...@meninojesus.com.br>*
Marc Muehlfeld
> Am 05.06.2014 22:43, schrieb Sonic:
>> On Thu, Jun 5, 2014 at 3:33 PM, Marc Muehlfeld <mmueh...@samba.org> wrote:
>>> If you want to do the classicupgrade on a new host, then simply shutdown
>>> Samba on the old server and copy the databases listed in the Howto and
>>> your smb.conf + /etc/group to the new server. Migrating from tdbsam is
>>> quite simple. Nothing more should be needed.
>>
>> Aren't the users and machine accounts in /etc/passwd also needed?
>
> If you use ldapsam as backend, like the OP (sorry, I read tdbsam), then
> you don't need /etc/group, as well. Then everything is taken from LDAP.
>
> I'm not 100% sure about your passwd question. The users are taken from
> the Samba backend. But I'm not sure at the moment, if tdbsam stores the
> UIDs and homepath, too. If it does, then passwd would not be necessary.
> Maybe if not, then the new users get only Windows (SID, etc.) accounts -
> what is no problem if you don't require UIDs, etc. for unix services and
> only have pure Windows users.
>
> Let me give this a try this evening in my test environment. If it's
> required, I'll fix this in the HowTo.
if you don't copy the passwd, when you use tdbsam or smbpasswd backend,
then your UIDs, home directories, etc. are not imported. After the
migration you have a pure Windows account then.
I'll add this to the Upgrade HowTo later.