Migrate from Ebox (Samba 2) to Zentyal (Samba 3)

[Josir]

Hi folks,

I use ebox for several years but now I have to migrate to Samba 3 due to Windows 7 machines authentications. Before give up and buy a Windows Server, I will try to make a last shot.

My strategy (based on [1]):
- Install a Zentyal as BDC (Backup Domain Controller)
- Copy users from PDC (ebox) to BDC
- Disable ebox machine
- Test

1) After Zentyal installation, I did not enable File Server
2) Change file /usr/share/ebox/stubs/samba/smb.conf.mas to indicate that Zentyal will be a BDC

 domain logons = Yes
 os level = 35
 preferred master = No
 domain master = No

3) Yet on this file, I change the domain name and hostname

 workgroup = MEDIASYS
 netbios name = LINUX13

4) Via web interface, I started the File Server service and then verify if it is really a BDC with command:

testparm

5) Enter the main domain:

net rpc join -S 192.168.0.11 -Ujosir%xxxx

where 192.168.0.11 is the ebox server.

6) I stopped here: how to import users and machines ?

Some guys said that the best solution is to do a ldap replication [2]
But I think this is not going to work becaus zentyal and ebox seems to have a different ldap tree.

I am also thinking about to make a script to create all users and reset all password on new server.

So, if someone has any glue I appreciate.

Josir.

[1] http://www.enterprisenetworkingplanet.com/netos/article.php/3457461
[2] http://groups.google.com/group/linux.samba/browse_thread/thread/bbd71cc519f969d8?hl=en

[jsalamero]

Hi Josir,

just configure Zentyal with the same domain name and import on top of that the subtrees needed from LDAP (via ldapadd): ou=Users, ou=Computers, ou=Groups, etc. Restart samba module and should be done.

And always before buying a Windows server I would get Zentyal professional support ;-)

Cheers,

[Josir]

Thanks for your help jsalamero.

1) I understand that adding ldapadd will not create linux or samba users, right? Or am I wrong ?

2) If this work, I will have to copy the file system partition (where files are located with their gid/uid permissions). The ldapadd will keep the same uid and gid ?

Thinking ahead: if everything works fine, where is a good place to put this tutorial (in english and portuguese) ?

Gracias!
Josir.

[jsalamero]

the idea with ldapadd is to restore everything you have on ldap. you will also have to copy files keeping permissions, sure.

[philmills]

check this thread for another LDAP Migration method and some pitfalls to watch out for: http://forum.zentyal.org/index.php?topic=6313