I've got a Samba 3 domain which is to be migrated to Active Directory Windows 2008.
I've found this samba to AD migration
but the help in the post describes migration to win 2003.
We could build the windows domain controller and create all the users fresh, then copy their home folder content across. However there are folders on the linux side created all the over place which have ACLs to various people. If we start fresh, we will see access problem to various folders. Some folders are accessed by scripts and things may not immediately obvious until someone realise this or that script failed.
Basically, is there a good way of moving users on to the Windows AD, and they still keep the same SID? I suppose user name is not big issue because we can modify the usernames, but it seems some linux tools cannot work well with usernames longer than 8 char?
Any suggestion/discussion is welcome!
Best Answer
The approach I would look at would be to try to upgrade your Samba domain in-place from samba 3 to Samba4, then join the Windows 2008 Server to the Samba4 domain as a Domain Controller. Next transfer FSMO roles to the 2008 Server from the Samba4 box, and then remove the Samba4 box. I believe this should preserve your domain's SIDs.