Author Topic: "Transfer" users and profiles from a Windows PDC to a Zentyal box  (Read 4363 times)

Evadido

  • Zen Apprentice
  • *
  • Posts: 26
  • Karma: +0/-0
    • View Profile
Hi all,

I have a Windows server 2003 pdc, which manages 20 user accounts with roaming profiles. I want to "transfer" or migrate the user accounts and profiles to a Zentyal box (which until today acts as proxy, load balancer and wan failover), make it the new pdc, and let the windows server rest in peace forever.

Is is possible?

Will the windows clients of the domain login on the new pdc without suffering too much pain? (they're all xp boxes)

Thank you very much!

El Evadido

Evadido

  • Zen Apprentice
  • *
  • Posts: 26
  • Karma: +0/-0
    • View Profile
Re: "Transfer" users and profiles from a Windows PDC to a Zentyal box
« Reply #1 on: July 09, 2012, 07:03:14 pm »
Nobody knows????:'( :'( :'(

robb

  • Guest
Re: "Transfer" users and profiles from a Windows PDC to a Zentyal box
« Reply #2 on: July 09, 2012, 07:10:41 pm »
This will not be possible untill Zentyal 3.0 comes out (September this year). To have a drop-in replacement for Active Directory you need Samba 4 and that will be implemented in the next version of Zentyal.

christian

  • Guest
Re: "Transfer" users and profiles from a Windows PDC to a Zentyal box
« Reply #3 on: July 09, 2012, 08:07:46 pm »
Although you're technically perfectly right, I've a slightly different view  :-[ sorry
I mean that Evadido's post doesn't contain, from my standpoint, enough input to decide if this can be done and also if if can be done "without suffering too much pain? "
How much too much is too much ?  ;D

Joke aside, if Windows server is used as file server and very little, if any, GPOs, then Samba3, providing CIFS with account and group based profiling might be enough.

I would not rush toward Samba4 yet (and even less rush toward Zentyal 3.0 for the same^2 reason) until this is a mature product  :-[

majestyx

  • Board Moderator
  • Zen Warrior
  • *****
  • Posts: 243
  • Karma: +8/-1
  • Dont feed the Troll !
    • View Profile
    • German FSFE Blog
Re: "Transfer" users and profiles from a Windows PDC to a Zentyal box
« Reply #4 on: July 09, 2012, 10:00:33 pm »
what is whit this way... ?

setup zentyal as a BDC...
replicate whit PDC....
shot down PDC
promoted the BDC to PDC

Or via LDAP ?!

http://forum.zentyal.org/index.php?topic=6231.0

very old info:  8)
http://www.howtoforge.com/using-ebox-as-windows-primary-domain-controller

just a idea ?!
Ahoi
Michael (majestyx) pls, applaud if I could help ;)
--
Erst lesen, dann schreiben: http://forum.zentyal.org/index.php/topic,4317.0.html

Zentyal Doku: http://doc.zentyal.org/en/zindex.html (engl.)

robb

  • Guest
Re: "Transfer" users and profiles from a Windows PDC to a Zentyal box
« Reply #5 on: July 09, 2012, 10:02:26 pm »
That works if there are no GPO's to be transfered.

browley

  • Zen Apprentice
  • *
  • Posts: 17
  • Karma: +1/-0
    • View Profile
Re: "Transfer" users and profiles from a Windows PDC to a Zentyal box
« Reply #6 on: July 20, 2012, 09:55:18 pm »
I've been trying like crazy to get this to work with CentOS 5.8 + Samba/LDAP.  Here's the thing: if you do not need GPO, Samba + LDAP will authenticate Windows boxes.  I've gotten to the point where the users have replicated to the BDC, turned off Windows 2003 AD, and tried to join Windows 7 boxes (yes, with regedits) to my CentOS Samba.  No love.  For whatever reason, it bucks like a mule and refuses to let windows 7 join, either saying permission denied (via root user) or saying the machine name was already taken (both with the machine added to Samba/LDAP or not existing at all).  In my searches, I came across Zentyal.  I was able to get a test domain up and join a Windows 7 to the test domain.  So, at this point the rest seems trivial: set Zentyal to suck the usernames/groups/computers from AD using the migration tool, then flip it to be the PDC.   If that isn't a possibility, even potentially just taking the ldiff + samba database files + ldap configs + nsswitch configs+ smbtools configs + whatever the heck else I'm forgetting, put the configs in place, restart the services with Zentyal in PDC mode should work in theory; unicorns, rainbows, and the like.  Here's the issue getting there, however.  I install Zentyal on a machine, get it up, and couldn't find the Slave "mode".  After looking through the forum, I ran the /usr/share/zentyal-users/reinstall and set the mode to slave.  While that sets up fine, I set the mode, and notice that, at the top, I get a little warning:
Code: [Select]
Users and Groups module is disabled. Don't forget to enable it on the Module Status section, otherwise your changes won't have any effect. 

I enable it, save, and I get an error message that Zentyal had bombed out and to check the logs.  So I tail /var/logs/zentyal/zentyal.log I get:
Code: [Select]
Exit value: 1 2012/07/20 15:44:42 ERROR> GlobalImpl.pm:664 EBox::GlobalImpl::saveAllModules - The following modules failed while saving their changes, their state is unknown: users".   

Now the Users/Groups section shows up as it did in stand alone mode.  No more "mode" section.  The users section throws me an error that this is a bug:
Code: [Select]
An internal error has occurred. This is most probably a bug, relevant information can be found in the logs. Please look for the details in the /var/log/zentyal/zentyal.log file and take a minute to submit a bug report so we can fix the issue as soon as possible.

So either I've set Zentyal up wrong from the beginning or there is something wrong with trying to go from BDC to PDC.  Any ideas?

jsalamero

  • Zentyal Staff
  • Zen Hero
  • *****
  • Posts: 1419
  • Karma: +45/-1
    • View Profile
Re: "Transfer" users and profiles from a Windows PDC to a Zentyal box
« Reply #7 on: July 23, 2012, 07:51:26 am »
Well, currently with Zentyal 2.2 you can use ad-sync connector to sync users from AD to Zentyal LDAP. With samba4 this will work even better :)

browley

  • Zen Apprentice
  • *
  • Posts: 17
  • Karma: +1/-0
    • View Profile
Re: "Transfer" users and profiles from a Windows PDC to a Zentyal box
« Reply #8 on: July 24, 2012, 08:48:42 pm »
Ok, I re-installed Zentyal and was able to sync everyone over after actually following the instructions carefully.  Two more questions: now that I've got all the users in, can I just flip the switch to PDC and expect everyone to still be able to login to their Windows boxes?  More importantly, my old windows AD dowmain was domain.local.  I cannot configure the Zentyal box to be mydomain.local so I just configured it to be mydomain.  Will that cause problems?