Hi On 19 August 2013 09:58, Miroslav Prýmek <m.pry...@gmail.com> wrote:
> Hello, > > I can't find any precise technical information about how the client > computer in Windows domain (NT,AD) verifies the identity of the PDC. Can > you please point > me to any source of relevant information or give me a brief explanation? > > Situation: > I'm going to replace a Windows Server 2003 PDC with samba. I've > successfully extracted the PDC's ldap contents (with ldifde tool) and > account passwords (ntds.dit and system hive copied, data extracted, all > password hashes cracked). > > Problem description: > If I install samba3 as PDC, populate LDAP with the data dumped from WS, > copy the users' data and shut down the old PDC, would the client computers > notice the change? Would I have to re-add all the computers to the new PDC > or not? > i.e. would the users notice the server change or not? > > I believe that once a Windows client has been joined to an AD domain it will not work with that domain converted to an NT-style domain. (e.g. if you had upgraded a Samba 3 PDC to a Samba 4 AD DC and your clients interacted with the new DC, you would no longer be able to shut down the Samba 4 DC and boot up the Samba 3 PDC and still have the clients working properly without rejoining them to the domain.) At least that's the impression I got from previous discussions on the Samba lists. So I think you would have to rejoin all the machines to the domain. > I'm interested in behavior of Win XP, Vista, 7 and I can't install samba4. > > Thank you for any suggestions and pointing to further reading. > > M. Prymek -- Michael Wood <esiot...@gmail.com> -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba