Migrating a Samba NT4 Domain to Samba AD (Classic Upgrade)

From SambaWiki
Revision as of 15:17, 27 January 2012 by Bilbo (talk | contribs)

This is a very early beginning of a HOWTO for the Samba3 to Samba4 upgrade process

Samba Tool

The Samba Tool (see: Samba-tool-external) is a collection of tools and scripts used to build, manage and debug a Samba4 instance.

The samba3upgrade is a function built into the samba-tool. The intent of this function is to do a full replacement of an existing Samba3 supported domain. It is possible (at least in theory) to do the conversion of an existing Samba3 domain, shut down the old service and start the new Samba4 service, and the Windows users and member computers will simply connect to the new server without needing to manually re-join. Existing user domain profiles on member computers will appear exactly as they did on the old domain.

PLEASE NOTE: Make sure you thoroughly test your conversion and how your clients react before you activate your new server in your production environment! Once a Windows client finds and connects to the new server, it is not possible to go back! It is necessary to do testing on a separate network so that the old and new domain controllers don't clash.

The issues with having both domains 'live' at the same time are:

  • The databases are not syncronised after the initial migration
  • Even if no changes are made to the DB, clients which see an AD DC will no longer honour NT4 system policies
  • The new Samba4 PDC and the old DC will both claim to hold the #1b name as the netbios domain master

Upgrading in Place

One way to create a new Samba4 server is to install the Samba4 binaries on a currently existing Samba3 server. This will replace the currently running system with a Samba4 instance, populated with the users, groups and machine accounts from the previous Samba3 service.

Upgrading on a New Server

It is possible to copy your domain information from the existing Samba3 domain to a new server and do your conversion there.

Download, build and install the Samba4 binaries, either from one of the Alpha releases or from "git". (see the Samba4/HOWTO page.)

Copy your Samba database directory to a new location on the new server. (eg, from /etc/samba to /etc/samba3)

If you wish to rename the new server, you can change the netbios name in the Samba3 conf file.

[NOTE: if you run the migration more than once, for example, in a testing environment, then make sure you remove the generated conf file in /usr/local/samba/etc directory. If the migration tool finds an existing smb.conf file, it will make use of the parameters there in its conversion.]

 $ /usr/local/samba/bin/samba-tool domain samba3upgrade --dbdir=/etc/samba3  --use-xattrs=yes  --realm=myname.org /etc/samba3/smb.conf
  • use-xattrs: use the underlying file system support for extended attributes. This assumes that your host OS supports this.
  • realm: You can specify the realm on the command line if it is not already specified in the Samba3 smb.conf file.