NethServer Version: 7.9.2009 Module: where to find?
Hi. I’ve a little question. We take a new customer with an old server. On the server there is NS7 (we have some passwords, but I must check if admin’s one work, but I’ve the root one) that work also as domain controller. We need to deprecate it and migrate everything on a new DC based on Windows 2022. I thought that the direct migration could be a problem, so I created a W2012R2 and joined it to the domain with a user that I created on the server as domain admins. I joined the server to the domain, so I installed AD services and then I tried to rise the server as AD-DC (as I did a lot of time with M$ AD) but in this case I cannot go on because my user is not a schema admin and enterprise admin. Is there a way to join this server ad DC?
become an AD domain controller, with the bridged NSDC feature, and provide AD DC services to Windows Client
Use OpenLDAP to connect NethServer to existing Microsoft AD controller, and use it as authentication provider for services installed
You cannot
migrate DC from NS7 to another AD DC from Microsoft
have a mixed NS7/Microsoft AD environment with both acting as DC.
AFAIK, Microsoft did not support this feature with different versions of Windows Server (mixed operating systems), IDK after Windows Server 2016 things changed or not.
Nethserver can:
Be an AD DC
Be an OpenLDAP client for Microsoft AD instance
migration between states AFAIK is not reported as possible.
As fare as I can see… you need to wipeout your current setup on Windows and start AD from scratch. You’ll also need to migrate clients and profiles between the AD domains.
NethServers version in NS7 of Samba, used to create a AD DC, is 1:1 compatible with MS 2012 (R2) AD.
This means a Windows 2012 Server can join and become a second AD.
You can use Stephdl’s module PHPLDAPAdmin to administrate AD in NethServer - eg to give the Windows Server additional permissions / functions.
Then turn off NethServer, and promote the Windows Server to AD DC (primary).
The NethServer can be removed then using Windows Tools…
It works, but is not supported at all. You’re on your own essentially.