From: Andrew Bartlett on
On Mon, 2010-05-10 at 14:40 +0200, Tomasz Chmielewski wrote:
> I have a Samba3 + OpenLDAP installation.
>
> How can I make Samba4 running on a different server be in the same
> domain, have the same users etc.?

I presume you mean mixing both Samba3 and Samba4 domain controllers in
one domain? This is not possible. Any upgrade to samba4 would prevent
you running a Samba3 DC. We don't support 'mixed mode' like that.

We also don't support hosting Samba4 on a 'unix like' LDAP server
layout. The schema is the AD schema. (FreeIPA is trying to create a
setup with a unix-like schema, but you will have to ask them about their
progress).

We also don't yet have good upgrade scripts from Samba3. It can be
done, but a lot of the task will be manual.

Sorry,

Andrew Bartlett

--
Andrew Bartlett http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
Samba Developer, Cisco Inc.

From: Jeremy Allison on
On Tue, May 11, 2010 at 11:08:44AM +1000, Andrew Bartlett wrote:
> On Mon, 2010-05-10 at 14:40 +0200, Tomasz Chmielewski wrote:
> > I have a Samba3 + OpenLDAP installation.
> >
> > How can I make Samba4 running on a different server be in the same
> > domain, have the same users etc.?
>
> I presume you mean mixing both Samba3 and Samba4 domain controllers in
> one domain? This is not possible. Any upgrade to samba4 would prevent
> you running a Samba3 DC. We don't support 'mixed mode' like that.
>
> We also don't support hosting Samba4 on a 'unix like' LDAP server
> layout. The schema is the AD schema. (FreeIPA is trying to create a
> setup with a unix-like schema, but you will have to ask them about their
> progress).
>
> We also don't yet have good upgrade scripts from Samba3. It can be
> done, but a lot of the task will be manual.

I have some ideas on that Andrew (upgrading an existing S3 domain
to S4). I'll try and call and chat tomorrow to see if my ideas are worth
discussing further on the list.

Jeremy.
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
From: Tomasz Chmielewski on
Am 11.05.2010 03:08, Andrew Bartlett wrote:
> On Mon, 2010-05-10 at 14:40 +0200, Tomasz Chmielewski wrote:
>> I have a Samba3 + OpenLDAP installation.
>>
>> How can I make Samba4 running on a different server be in the same
>> domain, have the same users etc.?
>
> I presume you mean mixing both Samba3 and Samba4 domain controllers in
> one domain? This is not possible. Any upgrade to samba4 would prevent
> you running a Samba3 DC. We don't support 'mixed mode' like that.

Yes, that's more or less what I want to do.

Any workarounds?

Like "Samba4 winbind" fetching users from Samba3?


What I want to achieve, is an AD controller "trusting" users from my
current Samba3 setup; I though Samba4 would help here.


--
Tomasz Chmielewski
http://wpkg.org

--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
From: Tomasz Chmielewski on
Am 11.05.2010 06:59, Tomasz Chmielewski wrote:
> Am 11.05.2010 03:08, Andrew Bartlett wrote:
>> On Mon, 2010-05-10 at 14:40 +0200, Tomasz Chmielewski wrote:
>>> I have a Samba3 + OpenLDAP installation.
>>>
>>> How can I make Samba4 running on a different server be in the same
>>> domain, have the same users etc.?
>>
>> I presume you mean mixing both Samba3 and Samba4 domain controllers in
>> one domain? This is not possible. Any upgrade to samba4 would prevent
>> you running a Samba3 DC. We don't support 'mixed mode' like that.
>
> Yes, that's more or less what I want to do.
>
> Any workarounds?
>
> Like "Samba4 winbind" fetching users from Samba3?

There is a page titled "Seamless Migration from Samba3 to Samba4":

http://www.samba.org/~jelmer/soc.html

Not sure how far this project is?


Something like "wipe out all Samba4 users, retrieve/synchronize them
again from Samba3 LDAP once a day" would be sufficient for me for a start.


--
Tomasz Chmielewski
http://wpkg.org
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
From: Andrew Bartlett on
On Tue, 2010-05-11 at 10:30 +0200, Tomasz Chmielewski wrote:
> Am 11.05.2010 06:59, Tomasz Chmielewski wrote:
> > Am 11.05.2010 03:08, Andrew Bartlett wrote:
> >> On Mon, 2010-05-10 at 14:40 +0200, Tomasz Chmielewski wrote:
> >>> I have a Samba3 + OpenLDAP installation.
> >>>
> >>> How can I make Samba4 running on a different server be in the same
> >>> domain, have the same users etc.?
> >>
> >> I presume you mean mixing both Samba3 and Samba4 domain controllers in
> >> one domain? This is not possible. Any upgrade to samba4 would prevent
> >> you running a Samba3 DC. We don't support 'mixed mode' like that.
> >
> > Yes, that's more or less what I want to do.
> >
> > Any workarounds?
> >
> > Like "Samba4 winbind" fetching users from Samba3?
>
> There is a page titled "Seamless Migration from Samba3 to Samba4":
>
> http://www.samba.org/~jelmer/soc.html
>
> Not sure how far this project is?

Some good work was produced, but we don't have a production-ready
upgrade path at this time.

> Something like "wipe out all Samba4 users, retrieve/synchronize them
> again from Samba3 LDAP once a day" would be sufficient for me for a start..

I really would not do that. If a machine or user has changed their
password, then the wipe will do bad things.

Andrew Bartlett

--
Andrew Bartlett http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
Samba Developer, Cisco Inc.