[OT] [Gllug] Migrating Samba servers between domains - the hard way.
Mike Brodbelt
mike at coruscant.demon.co.uk
Wed Feb 8 22:03:07 UTC 2006
On Wed, 2006-02-08 at 21:45 +0000, Matthew Thompson wrote:
> > Winbind assigns RIDs algorithmically, which is where problems can
> > creep
> > in. If you change your Samba setup to backend off LDAP or tdbsam, you
> > can suck the account information out of your NT domain with "net rpc
> > vampire". This should retain the same mappings as NT uses, and
> > allow you
> > to move the domain transparently to a Samba PDC. Of course if you have
> > this setup with an LDAP backend, there's very little to be gained by
> > moving to AD any more.
>
> Sounds like a lot of hard work for what I need considering we have to
> move to AD on Windows 2003 as there's no-one else here who
> understands how any of the Linux stuff works. Our internal support
> manager is bad enough with a GUI and being dyslexic doesn't help when
> you're using text files.
That being the case, you might as well rip out the old NT domain and
re-join the clients. It should then be easy to join your Samba machine
to your new AD domain. Samba is well tested as an AD client, and there's
lots of docs out there.
> Active directory provides a lot of features that other Microsoft
> products tie into and we're a 170 user company with a heavy reliance
> on existing Microsoft technologies in the front office side of things
> - there really are some areas where Microsoft + Microsoft provides
> many fewer problems than Microsft + Something else.
MS are very good at this sort of thing - the downside is you rapidly
find you're very locked in, and sooner or later you find that Microsoft
+ Microsoft is your only realistic option. Taking the simplest path up
front leads you to an environment you no longer have any control over in
the longer term. You have to consider the costs of lock in over the
longer term, but I see no reason to believe that the software industry
will, in the final analysis, be any different to any other industries
where vendor lock-in is practiced.
> Doesn't stop me wanting to run Linux for some file sharing tasks or
> for our backup server. NetBackup on a Linux box beats the pants off
> the same setup using Windows
Indeed.
Mike
--
Gllug mailing list - Gllug at gllug.org.uk
http://lists.gllug.org.uk/mailman/listinfo/gllug
More information about the GLLUG
mailing list