[tech] Domain Migration

Leighton Haynes dayta at ucc.gu.uwa.edu.au
Thu Feb 15 09:14:50 AWST 2018


Hi Zack,
  This has broken password authentication for me, and at least one other person (pandinac). 
Presumably that's because I haven't updated my password in the last 10 years.

I suspect there's a sizeable number of people that will not have a valid password set in AD.
I'd suggest before we migrate the rest of the machines, we set up some mechanism to allow 
them to update AD using their existing passwords, as we don't want to have to deal with 
password resets if we don't have to (especially since many of them will be remote). 

I noticed the 'coke' account is now missing from motsugo (and presumably other machines). We 
should probably do an audit of the 'old' vs 'new' accounts before moving machines over as 
we're quite likely to break things otherwise.

Cheers,
Leighton...

On Tue, Feb 13, 2018 at 07:58:59PM +0800, David Adam wrote:
> On Tue, 13 Feb 2018, coffee wrote:
> > Hi all,
> > Today I went ahead and began migrating most of our machines to the new 
> > domain at: ad.ucc.gu.uwa.edu.au
> > Machines migrated include:
> >      - All of the desktops in the clubroom
> >      - motsugo
> >      - merlo
> >      - molmol (can lookup users but logins are not working)
> >      - musdea (same issue as molmol)
> > 
> > Most of these have been migrated without any issues and users should not 
> > notice any significant changes after the migration, however wheel 
> > members should note that the wheel group is now gid 512. Additionally, 
> > the two freebsd machines, molmol and musdea do not currently work with 
> > domain logins (likely either and issue with user mapping or the pam config).
> 
> Hi Zack
> 
> Awesome work.
> 
> What's the domain controller? It looks like Molmol at this stage, but it 
> might be better to have a different primary controller because there are 
> apparently Issues[1] doing file serving and domain controlling from the 
> same machine.
> 
> [1]: 
> https://wiki.samba.org/index.php/Setting_up_Samba_as_an_Active_Directory_Domain_Controller#Using_the_Domain_Controller_as_a_File_Server
> 
> A reasonable replacement might be a new VM or using Samson, or 
> alternatively a machine we don't serve files from.
> 
> [DAA]

> _______________________________________________
> List Archives: http://lists.ucc.gu.uwa.edu.au/pipermail/tech
> 
> Unsubscribe here: http://lists.ucc.gu.uwa.edu.au/mailman/options/tech/dayta%40ucc.gu.uwa.edu.au


-- 

#0421 113 305 - dayta at ucc.gu.uwa.edu.au
"Linux is legacy, but it will be a start." Ken Kutaragi - SCE


More information about the tech mailing list