Web lists-archives.com

Re: [Samba] Migration to samba4 ad and sync to openldap.


Just some small remarks:

On 3/19/19 5:03 PM, John McMonagle via samba wrote:
But that would break us by moving all ldap to the ad ldap.
We have lot's of stuff in ldap.
Currently administer using ldap account manager.
We are in 5 cities and about 95% linux.
Have 7 openldap servers controlling everything.

Perhaps you need to change your view upon AD. We were like you: we had everything in openldap/samba3. We migrated to AD a couple of years back, and now we have everything in AD (ldap), just like in the old days with openldap.

Even though we at this moment don't, you also can still use LAM to manage your samba AD.

Not so much will change. Just many configurations to edit, so do proper testing. :-)

Getting rid of the openldap is too painful to contemplate.
Perhaps it is, perhaps it is not. In our case, it was not, even though I feared it would be.

Even if I was willing to more all the authentication and authorization stuff to ad would still need openldap.

Perhaps you do have stuff in openldad that cannot be moved over, but I would not write off that option too easily. We have generally been happy after our move away from openldap.


To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba