Web lists-archives.com

Re: [Samba] future of non-AD samba?




On Wed, 2018-06-06 at 12:52 +0200, Klaus Hartnegg via samba wrote:
> Am 06.06.2018 um 12:41 schrieb Rowland Penny via samba:
> > I think that 'standalone' machines will continue
> 
> Thank you very much for clarification. This means that SMB1 and PDC are 
> the problems, not lack of AD.
> 
> But if we later need to switch to AD, is there a method like 
> classicupgrade to do it? Currently classicupgrade of a standalone server 
> Samba 3 creates a standalone server Samba 4, not an AD-DC. It appears to 
> be enough to add a few lines to the old smb.conf to make classicupgrade 
> do it, but I'm not certain.

If you have a single standalone server, and want that server's users to
become the users in an AD DC, you can convert your standalone server
into an NT4 (classic) DC by setting 'domain logons = yes'.

Then classicupgrade that DC into an AD DC.  

You should ideally separate the AD DC from the fileserver, but at least
your users will have become AD users by then and you can join the old
file-server back to the domain (with no local users and a new SID). 

Delete the secrets.tdb before re-joining so you reset that local
machine SID. 

I hope this helps,

Andrew Bartlett

-- 
Andrew Bartlett                       http://samba.org/~abartlet/
Authentication Developer, Samba Team  http://samba.org
Samba Developer, Catalyst IT          http://catalyst.net.nz/services/samba


-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba