Solved

How to migrate CentOS, Samba to Active Directory and Exchange 2007

Posted on 2009-04-05
3
1,754 Views
Last Modified: 2013-12-02
Greetings,

Here we go :
Does this sort of migration sounds familiar: CentOS 3 with mail to W2K3 AD and Exchange 2007

I am merely looking at a way/various ways to export Samba to AD via tools/scripts and email adresses in Exchange 2007.
0
Comment
Question by:jpierre76
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 14

Expert Comment

by:Deepak Kosaraju
ID: 24071478
For First step I could find the following,

############################################
Migration of Samba Accounts to Active Directory:
Reference Link:http://samba.org/samba/docs/man/Samba-Guide/upgrades.html#id2594253

Yes, it works. The Windows ADMT tool can be used to migrate Samba accounts to MS Active Directory. There are a few pitfalls to be aware of:

Procedure 8.2. Migration to Active Directory

Administrator password must be THE SAME on the Samba server, the 2003 ADS, and the local Administrator account on the workstations. Perhaps this goes without saying, but there needs to be an account called Administrator in your Samba domain, with full administrative (root) rights to that domain.

In the Advanced/DNS section of the TCP/IP settings on your Windows workstations, make sure the DNS suffix for this connection field is blank.

Because you are migrating from Samba, user passwords cannot be migrated. You'll have to reset everyone's passwords. (If you were migrating from NT4 to ADS, you could migrate passwords as well.)

To date this has not been attempted with roaming profile support; it has been documented as working with local profiles.

Disable the Windows Firewall on all workstations. Otherwise, workstations won't be migrated to the new domain.

 When migrating machines, always test first (using ADMT's test mode) and satisfy all errors before committing the migration. Note that the test will always fail, because the machine will not have been actually migrated. You'll need to interpret the errors to know whether the failure was due to a problem or simply to the fact that it was just a test.

There are some significant benefits of using the ADMT, besides just migrating user accounts. ADMT can be found on the Windows 2003 CD.

You can migrate workstations remotely. You can specify that SIDs be simply added instead of replaced, giving you the option of joining a workstation back to the old domain if something goes awry. The workstations will be joined to the new domain.

Not only are user accounts migrated from the old domain to the new domain, but ACLs on the workstations are migrated as well. Like SIDs, ACLs can be added instead of replaced.

Locally stored user profiles on workstations are migrated as well, presenting almost no disruption to the user. Saved passwords will be lost, just as when you administratively reset the password in Windows ADS.

The ADMT lets you test all operations before actually performing the migration. Accounts and workstations can be migrated individually or in batches. User accounts can be safely migrated all at once (since no changes are made on the original domain). It is recommended to migrate only one or two workstations as a test before committing them all.

######################################
For Second request sendmail - Exchange Server
http://msexchangeteam.com/archive/2005/02/21/377454.aspx


###################################
Useful Link:http://www.microsoft.com/technet/scriptcenter/scripts/ad/users/default.mspx?mfr=true
http://community.exchangeprovip.com/forums/thread/922.aspx
0
 

Author Comment

by:jpierre76
ID: 24071553
Well kosarajudeepak, thanks for this Tip. However, it seems that the Samba accounts are not up to date and that the login of the users are the same as the computer names for starters. There seem also that there is not one computer/one user, but sometimes uo to 5 users per computer, hence 5 profiles to recover.

The idea would be to sort of export users, groups, ace, acl from samba and inject (after corrections) in a fresh AD. Then migrate seamlessly the people by "batch" as Quest Software does. I was thinking at migrating the mail application on CentOS to Exchange, "migrate" email to Exchange 2007 with double authentification Samba to open session on XP. Later, migrate data from CentOS to W2K3 with Samba ACL/ACE then create uers with name.surname@company.com in new AD as login , recreate computers in new ad as well, change domains for the computers and log users with name.surname@company.com (Before that set ACE/ACL to the data).

All any other scenario welcome.
0
 

Accepted Solution

by:
jpierre76 earned 0 total points
ID: 24180287
Hello again,

Here is how I will do it :

Create AD and Exchange 2007
Create users/groups manually with a correct inventory.
Create email accounts and enable email accounts
Migrate data to new fkle server in new domain
Re ACLing Data
Install Outlook and save PST
Change XP boxes to new domain AD in samll lots
Migrate user profiles - USMT
Link Outlook PST if necsessary.

What do you think?
Cheers,
Jimmy
0

Featured Post

Webinar: Aligning, Automating, Winning

Join Dan Russo, Senior Manager of Operations Intelligence, for an in-depth discussion on how Dealertrack, leading provider of integrated digital solutions for the automotive industry, transformed their DevOps processes to increase collaboration and move with greater velocity.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A list of top three free exchange EDB viewers that helps the user to extract a mailbox from an unmounted .edb file and get a clear preview of all emails & other items with just a single click on mailboxes.
Did you know that more than 4 billion data records have been recorded as lost or stolen since 2013? It was a staggering number brought to our attention during last week’s ManageEngine webinar, where attendees received a comprehensive look at the ma…
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
In this Micro Video tutorial you will learn the basics about Database Availability Groups and How to configure one using a live Exchange Server Environment. The video tutorial explains the basics of the Exchange server Database Availability grou…

726 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question