diff options
-rw-r--r-- | docs/docbook/projdoc/NT4Migration.sgml | 103 |
1 files changed, 0 insertions, 103 deletions
diff --git a/docs/docbook/projdoc/NT4Migration.sgml b/docs/docbook/projdoc/NT4Migration.sgml index 5799841feb..84719b9a94 100644 --- a/docs/docbook/projdoc/NT4Migration.sgml +++ b/docs/docbook/projdoc/NT4Migration.sgml @@ -493,109 +493,6 @@ Authentication </sect1> <sect1> -<title>Migration Options</title> - -<para> -There are 3 major Site Types: -</para> - -<para><programlisting> -<= 50 Users -Want simple conversion with NO pain -50 - 250 Users -Want new features, can manage some in-house complexity -Large Scale Sites -Solution / Implementation MUST scale well, complex needs -Cross departmental decision process -Local expertise in most areas -Planning for Success -Decide which approach is needed - 3 Choices -Simple Conversion (total replacement) -Upgraded Conversion (could be one of integration) -Complete Redesign (completely new solution) -Take sufficient time -Avoid Panic -Test ALL assumptions -Test full roll-out program, including workstation deployment -Simple Conversion -Make use of minimal OS specific features -Can use No Unix Accounts Option -Suck all accounts from NT4 into Samba-3 -Make least number of operational changes -Take least amount of time to migrate -Live versus Isolated Conversion -Integrate Samba-3 then migrate while users are active -Change of control (ie: swap out) -Upgraded Conversion -Translate NT4 features to new host OS features -Copy and improve -Old environment to Samba-3 -Make progressive improvements -Minimise user impact -Macimise functionality -Take advantage of lower maintenance opportunity -Complete Network Redesign -Decide -Authentication Regime (database locate and access) -Desktop Management Methods -Better Control of Desktops / Users -Identify Needs for: -Manageability, Scalability, Security, Availability -Samba Implementation Choices -Authentication database back end -Winbind (external Samba or NT4/200x server) -Can use pam_mkhomedir.so to auto-create home dirs -External server could use Active Directory or NT4 Domain -Database type -smbpasswd, tdbsam, ldapsam, MySQLsam -With local accounts or with No Unix Accounts (NUA option) -Samba Implementation Choice - II -Access Control Points -On the Share itself (Use NT4 Server Manager) -On the file system -Unix permissions on files and directories -Posix ACLs enablement in file system? -Through Samba share parameters -Not recommended - except as only resort -Samba Implementation Choice - III -Policies (migrate or create new ones) -Group Policy Editor (NT4) -Watch out for Tattoo effect -User and Group Profiles -Platform specific so use platform tool to change from a Local to a Roaming profile -Can use new profiles tool to change SIDs (NTUser.DAT) -Logon Scripts (Know how they work) -Samba Implementation Choices - IV -User and Group mapping to Unix/Linux -username map facility may be needed -Use smbgroupedit to connect NT4 groups to Unix groups -Use pdbedit to set/change user configuration -NOTE: -If migrating to LDAP back end it may be easier to dump initial LDAP database to LDIF, then edit, then reload into LDAP -Samba Implementation Choices - V -OS specific scripts / programs may be needed -Add / delete Users -Note OS limits on size of name (Linux 8 chars) -NT4 up to 254 chars -Add / delete machines -Applied only to domain members (note up to 16 chars) -Add / delete Groups -Note OS limits on size and nature -Linux limit is 16 char, no spaces and no upper case chars (groupadd) -Migration Tools -Domain Control (NT4 Style) -Profiles, Policies, Access Controls, Security -Migration Tools -Samba: net, rpcclient, smbpasswd, pdbedit, smbgroupedit, profiles -Windows: NT4 Domain User Manager, Server Manager (NEXUS) -Authentication -New SAM back end (smbpasswd, tdbsam, ldapsam, mysqlsam) -With of without Unix Accounts (NUA) -</programlisting></para> - -</sect1> - -<sect1> <title>Managing Samba-3 Domain Control</title> <para> |