migrating 515 ad servers to samba
play

Migrating 515 AD servers to Samba Caglar Ulkuderner In a galaxy NOT - PowerPoint PPT Presentation

Aug 08, 2023 •337 likes •500 views

Migrating 515 AD servers to Samba Caglar Ulkuderner In a galaxy NOT far far away! caglar@profelis.com.tr SambaXP 2020 * All StarWars images are sourced at www.StarWars.com Regions Digital Transformation Ankara stanbul Sofya Doha

  1. Migrating 515 AD servers to Samba Caglar Ulkuderner In a galaxy NOT far far away! caglar@profelis.com.tr SambaXP 2020 * All StarWars images are sourced at www.StarWars.com

  2. Regions Digital Transformation Ankara İ stanbul Sofya Doha

  3. Network Topology AD 37.301 1.184 515 Computer Location Server BH BH BH BH Galaxy Ministry of Finance Revenue Administration Organisatinal page Project page www.gib.gov.tr gibux.gib.gov.tr

  4. History of Gibux Starting Project April 2013 Analysing and design R&D Phase 37.301 1.184 Computer Location June 2013 -February 2014 Developing required OS modules and some device drivers which is required for production First Flight February 2014 Release Candidate version has been installed on two tax office Production Release January 2015 Production release has been published and mass installation started to country wide Central Information System March 2015 CIS go live to keep tracks of every installed Gibux release Fully Operational January 2018 Finished deployments in country wide

  5. AD to Samba…

  6. Project Requirements Forest Structure Need to support hybrid structure with Microsoft AD, work as a part of forest. ACL Support Every user must have his/her private and public directory to keep files safe and share if necessary Local DNS Support Every site must have a local DNS infrastructure to use local resources. DHCP & TFTP Support Every Samba server must support DHCP and TFTP to handle Gibux machines and PXE installation. Easy Management Site technicians must take care of local user requirements. Automated Migration “Do or do not, there is no try.” Current data on Microsoft AD must be easily migrated by Master Yoda local technicians.

  7. Project Challanges “Never tell me the odds.” - Han Solo Manage Replication SLA Web Based Management Max 15 min. Max 15 min In working hours there is no tolerance of failure. If 1 . Need local web based management services like Every server must complete the replication in 15 any problem occures you have to respond in 15 Samba , BindDNS , TFTP , SaltStack minutes NTDS management must be managed minutes. Transactions must continue and problem centrally has to be solved in 1 hour. 2. Central Management for all servers

  8. Migration Steps “In my experience there is no such thing as luck.” – Obi-Wan Kenobi Go to location and Install Rsync on Windows, Prepare base SUSE installed HW install new hardware Export DHCP configuration to IIS dir AVERAGE INSTALL CYCLE 03:00 TAX OFFICE AVG. TIME HOURS AVERAGE MIGRATION CYCLE 02:00 DHCP ACL DNS TFTP Join DC AVG. TIME HOURS Download exported DHCP Join AD and Preparing local DNS Getting TFTP and Set Private and Public records and import it to replicate initial servers with Bind configure local settings share ACLs isc-dhcpd data. according to site data - Samba 4.10.6 - Do not update NS (required patch)

  9. What if a problem occures or replication breaks “Your eyes can deceive you. Don’t trust them.” – Obi-Wan Kenobi What hapens if local DC did not respond ? Local DC can have some replication problems because of several issues. In that case DNS logon servers points back to other alive Replication server and everything continues to work. Problem Local User Central Info Agent Locking Detection

  10. What is check-list before join “Somebody has to save our skins.” – Leia Organa Network DNS Metadata Check latency on WAN Old DNS records are pain Old objects, huge problems If you will open your network on WAN, latency is DNS is very important part of Directory Server. Old Uncleaned metadata objects cause replication very important. You need to arrange kernel datas, removed zones cause resolution problems problems. If you need to use an IP which used by parameters and NTDS which also triggers replication problems. demoted server you must clean metadata

  11. SambaBOX Web Based inspired from Gibux Build for ALL all you need for DS + samba, dns, ntp, dhcp, saltstack Community version is on the way

  12. SambaBOX Web Based inspired from Gibux Build for ALL all you need for DS + samba, dns, ntp, dhcp, saltstack Community version is on the way

  13. SambaBOX Web Based inspired from Gibux Build for ALL all you need for DS + samba, dns, ntp, dhcp, saltstack Community version is on the way

  14. Do you need help ? “ Time exists in order that Read wiki: wiki.samba.org man Mail Lists R e a d T h e F i n e M a n u a l everything doesn't happen samba.org/samba/docs SerNET all at once… and space Samba + lists.samba.org exists so that it doesn't all debug samba bugzilla.samba.org gitlab.com/samba-team/samba/ happen to you. ” Catalyst Google Microsoft samba.org/samba/support Git Susan Sontag

  15. HUGE thank you! to SAMBA TEAM https://www.samba.org/samba/team/ May the force be with you!

  16. Question Thank YOU SambaXP 2020 www.profelis.com.tr sambabox.profelis.com.tr * All StarWars images are sourced at www.StarWars.com

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Samba in the Enterprise : Samba 3.0 and beyond By Jeremy Allison jra@samba.org

Samba in the Enterprise : Samba 3.0 and beyond By Jeremy Allison jra@samba.org

Samba in the Enterprise : Samba 3.0 and beyond By Jeremy Allison jra@samba.org jeremy.allison@hp.com Where we are now : Samba 2.2 The current Samba is a credible replacement for a Windows server providing file and

529 views • 19 slides
Migrating Data When Decommissioning PetaBytes of Storage John Constable Informatics Support

Migrating Data When Decommissioning PetaBytes of Storage John Constable Informatics Support

Migrating Data When Decommissioning PetaBytes of Storage John Constable Informatics Support Group, ICT jc18@sanger.ac.uk @kript Background 19PB of genomic data in 399 Resources on 76 resource servers over six Zones 41 servers need

425 views • 24 slides
Implementing the Witness protocol in Samba Gnther Deschner <gd@samba.org> (Red Hat /

Implementing the Witness protocol in Samba Gnther Deschner <gd@samba.org> (Red Hat /

Implementing the Witness protocol in Samba Gnther Deschner <gd@samba.org> (Red Hat / Samba Team) About Samba and RedHat Currently 7 Samba Team members inside RedHat Creators and users of Samba technology for authentication

836 views • 45 slides
Migrating Legacy.com Migrating a top 50 most visited site in the U.S. onto Drupal - Legacy.com

Migrating Legacy.com Migrating a top 50 most visited site in the U.S. onto Drupal - Legacy.com

Migrating Legacy.com Migrating a top 50 most visited site in the U.S. onto Drupal - Legacy.com Case Study Migrating Legacy.com Jordan Ryan Product Owner Ankur Gupta Lead Developer Bassam Ismail Front-end Lakshmi Narasimhan RESTful

458 views • 45 slides
Migrating from Grid to Cloud: Migrating from Grid to Cloud: Migrating from Grid to Cloud:

Migrating from Grid to Cloud: Migrating from Grid to Cloud: Migrating from Grid to Cloud:

Migrating from Grid to Cloud: Migrating from Grid to Cloud: Migrating from Grid to Cloud: Migrating from Grid to Cloud: Case Study from GEO Grid Case Study from GEO Grid Kyoung-Sook Kim Data Science Research Group Information Technology

541 views • 18 slides
Samba Witness Protection Programming Samuel Cabrero scabrero@suse.com David Disseldorp

Samba Witness Protection Programming Samuel Cabrero scabrero@suse.com David Disseldorp

Samba Witness Protection Programming Samuel Cabrero scabrero@suse.com David Disseldorp ddiss@samba.org Agenda Clustered Samba Witness Protocol Demo Outlook Clustered Samba Samba File and print server SMB / CIFS, SMB2

428 views • 40 slides
SMB3.1.1 and beyond: Optimizing access from Linux Client to Samba, the Cloud and modern file

SMB3.1.1 and beyond: Optimizing access from Linux Client to Samba, the Cloud and modern file

SMB3.1.1 and beyond: Optimizing access from Linux Client to Samba, the Cloud and modern file servers Steve French Principal Software Engineer Azure Storage - Microsoft Legal Statement This work represents the views of the author(s) and does

748 views • 51 slides
Samba and the road to Python3 Noel Power SUSE/Samba team noel.power@suse.com npower@samba.org

Samba and the road to Python3 Noel Power SUSE/Samba team noel.power@suse.com npower@samba.org

Samba and the road to Python3 Noel Power SUSE/Samba team noel.power@suse.com npower@samba.org Agenda Reasons to move to Python3 What is supported in what release Some history of the porting effort Challenges Lessons learned

815 views • 19 slides
The Important Details Of Windows Authentication Stefan Metzmacher <metze@samba.org> Samba

The Important Details Of Windows Authentication Stefan Metzmacher <metze@samba.org> Samba

The Important Details Of Windows Authentication Stefan Metzmacher <metze@samba.org> Samba Team / SerNet 2017-05-04 https://samba.org/~metze/presentations/2017/SambaXP/ Topics Windows Domains, Forests and Trusts Netlogon Secure

497 views • 34 slides
SMB3 Multi-Channel in Samba ... Now Really! Michael Adam Red Hat / samba.org sambaXP -

SMB3 Multi-Channel in Samba ... Now Really! Michael Adam Red Hat / samba.org sambaXP -

SMB3 Multi-Channel in Samba ... Now Really! Michael Adam Red Hat / samba.org sambaXP - 2016-05-11 Introduction SMB - mini history SMB: created around 1983 by Barry Feigenbaum, IBM SMB in Lan Manager: around 1990 SMB in Windows for

1.29k views • 58 slides
Tools for the Vagabonding Samba Developer sambaXP 2015 Michael Adam Samba Team / Red Hat May

Tools for the Vagabonding Samba Developer sambaXP 2015 Michael Adam Samba Team / Red Hat May

Tools for the Vagabonding Samba Developer sambaXP 2015 Michael Adam Samba Team / Red Hat May 21, 2015 We use a lot of VMs and containers for testing and building Samba. The setup and maintenance of these machines requires a lot of work. How

351 views • 20 slides
Samba's AD DC: Samba 4.2 and Beyond Presented by Andrew Bartlett of Catalyst // 2014-09 About me

Samba's AD DC: Samba 4.2 and Beyond Presented by Andrew Bartlett of Catalyst // 2014-09 About me

Samba's AD DC: Samba 4.2 and Beyond Presented by Andrew Bartlett of Catalyst // 2014-09 About me Andrew Bartlett Samba T eam member since 2001 Working on the AD DC since 2006 These views are my own, but I do with to thank:

856 views • 36 slides
Faking a Failover Over the Top With Samba Clusters Christopher R. Hertel Samba Team May 2017

Faking a Failover Over the Top With Samba Clusters Christopher R. Hertel Samba Team May 2017

Faking a Failover Over the Top With Samba Clusters Christopher R. Hertel Samba Team May 2017 Introductions Introductor a t i o n a r y e s q u e n e s s e si s m Me: Samba Team Elder SMB Wizard with: The opinions expressed are my

874 views • 21 slides
Status of SMB2 and SMB3 development in Samba SDC 2012 Michael Adam obnox@samba.org Samba Team /

Status of SMB2 and SMB3 development in Samba SDC 2012 Michael Adam obnox@samba.org Samba Team /

Status of SMB2 and SMB3 development in Samba SDC 2012 Michael Adam obnox@samba.org Samba Team / SerNet 2012-09-17 Hi there! Oh ... ... please interrupt with questions! Michael Adam SMB2+ in Samba (3 / 20) SMB2 in Samba Only SMB 2.0

1.35k views • 75 slides
Samba and the road to 100,000 users Presented by Andrew Bartlet Samba Team - Catalyst / / SambaXP

Samba and the road to 100,000 users Presented by Andrew Bartlet Samba Team - Catalyst / / SambaXP

Samba and the road to 100,000 users Presented by Andrew Bartlet Samba Team - Catalyst / / SambaXP 2017 Andrew Bartlet Samba developer since 2001 Working on the AD DC since soon afuer the start of the 4.0 branch, since 2004! Driven to

664 views • 44 slides
A Few things happened on the way to LMDB Presented by Andrew Bartlet Samba Team - Catalyst / /

A Few things happened on the way to LMDB Presented by Andrew Bartlet Samba Team - Catalyst / /

A Few things happened on the way to LMDB Presented by Andrew Bartlet Samba Team - Catalyst / / June 2018 Samba is a member project of the Sofuware Freedom Conseraancy Andrew Bartlet and Catalysts Samba Team Samba Deaeloper since 2001

436 views • 30 slides
ISOC ION Conference Advancing the Network - Where Weve Been, Where Were Headed Shumon

ISOC ION Conference Advancing the Network - Where Weve Been, Where Were Headed Shumon

ISOC ION Conference Advancing the Network - Where Weve Been, Where Were Headed Shumon Huque Ron Broersma Paul Ebersman John Spence Paul Mockapetris San Diego, California, December 11th 2012 1 Advancing the Network: Where We've Been,

542 views • 9 slides
DNS Basics 1 Computers use IP Addresses To send an IP datagram to another computer on

DNS Basics 1 Computers use IP Addresses To send an IP datagram to another computer on

DNS Basics 1 Computers use IP Addresses To send an IP datagram to another computer on Internet (e.g. a web server), must know its IP address What is the IP address of the computer running ICT website? Registration? Facebook? Humans

214 views • 8 slides
DNS of Multiphase Flows Simple Front Tracking DNS of Multiphase Flows Direct Numerical

DNS of Multiphase Flows Simple Front Tracking DNS of Multiphase Flows Direct Numerical

DNS of Multiphase Flows Simple Front Tracking DNS of Multiphase Flows Direct Numerical Software is needed for a variety of purposes. Simulations of In addition to large scale somewhat general purpose codes that represent close

179 views • 4 slides
Large-scale Analysis of Infrastructure-leaking DNS Servers Dennis Tatang , Carl Schneider,

Large-scale Analysis of Infrastructure-leaking DNS Servers Dennis Tatang , Carl Schneider,

Large-scale Analysis of Infrastructure-leaking DNS Servers Dennis Tatang , Carl Schneider, Thorsten Holz Ruhr-University Bochum, Germany Motivation DNS: www.rub.de 134.147.64.10 Daily use on the Internet by every user Various

422 views • 27 slides
Dynamic DNS: A Place To Call Home February 2, 2006 (With Help From Wikipedia) Hosts On The

Dynamic DNS: A Place To Call Home February 2, 2006 (With Help From Wikipedia) Hosts On The

NDLUG Dynamic DNS: A Place To Call Home February 2, 2006 (With Help From Wikipedia) Hosts On The Internet Every host has a unique IP Address 129.74.221.235 66.254.242.255 However, we use Domain Name System (DNS)

1.14k views • 9 slides
DNS domains and servers testing Sl Slavko Gajin k G ji slavko.gajin@ rcub.bg.ac.rs AMRES

DNS domains and servers testing Sl Slavko Gajin k G ji slavko.gajin@ rcub.bg.ac.rs AMRES

DNS domains and servers testing Sl Slavko Gajin k G ji slavko.gajin@ rcub.bg.ac.rs AMRES Academic Network of Serbia RCUB - Belgrade University Computer Center ETF Faculty of Electrical Engineering Motivation DNS first and

427 views • 14 slides
dnsmon DNS Server Monitoring Daniel Karrenberg <daniel.karrenberg@ripe.net> 1 dnsmon

dnsmon DNS Server Monitoring Daniel Karrenberg <daniel.karrenberg@ripe.net> 1 dnsmon

dnsmon DNS Server Monitoring Daniel Karrenberg <daniel.karrenberg@ripe.net> 1 dnsmon Monitor DNS servers from many places Independent and Objective Intuitive Graphical Presentation 2 Daniel Karrenberg . ccTLD Sofia

621 views • 23 slides
Hiding in Plain Sight Advances in Malware Covert Communication Channels Pierre-Marc Bureau

Hiding in Plain Sight Advances in Malware Covert Communication Channels Pierre-Marc Bureau

Hiding in Plain Sight Advances in Malware Covert Communication Channels Pierre-Marc Bureau Christian Dietrich Outline 1. Covert Channels 2. Steganography a. Lurk b. Gozi c. Stegoloader 3. Inconspicuous Carrier Protocols a.

674 views • 49 slides

More recommend