Moving to Windows AD DC and a fresh NS install for the rest

NethServer Version: 7.9.2009


We are moving to a new physical server, and while NethServer is running as a VM, I am still thinking about a fresh install, because the Active Directory DC and file server will be moved to a new Windows Server 2019 installation. But I would appreciate your feedback about this workflow.

Features that will be moved:

  • Active Directory Domain Controller (we have only a few employees, so it will be recreated from scratch)
  • File server (files will be copied by hand to make sure rights are correct)
  • DHCP
  • DNS (most likely, but can be routed through NethServer if something won't work - current plan is Windows Server -> pfSense pfBlockerNG -> public DNS servers)

Features that will stay on NethServer:

  • Email + ClamAV
  • Fail2ban
  • FreePBX
  • Roundcube (from Stephdl repo)
  • WebTop
  • Web server
  • Zammad with elasticsearch (from mrmarkuz repo)

Plan A:
So, the first idea was to just move the VM, and change the account provider to the Windows Server.
Possibly this would be the easiest, but I am worried that it can go wrong as the Active Directory will be recreated from scratch, and so if there is any other ID that the system uses other than the account names, it can fail badly. Also, I am not sure what happens with the corresponding mail account, mails etc. I have never tried to change the account provider on a working server, especially to a fresh AD. Furthermore, in this case I guess there will be some extra unused data left on the server, and also if there are hidden problems that accumulated during updates, then those will be carried over.

Plan B:
Fresh install, making all the settings and modifications by hand. Copying files by hand.
Fortunately, I have a detailed (300 lines) install log of what has been done via the command line, but this file was modified a year ago, and I am afraid I’m missing something. But this would be the cleanest of all options.

Plan C:
Fresh install, restoring settings and data backups from an intermediate VM copy (where most likely I change the Active Directory provider first). What can go wrong… I mean :man_shrugging:

Which method would you suggest?
Which should be the safest and cleanest solution?
Have any of you done similar previously? What is your experience?

Thank you for your feedback in advance!

Why Roundcube and Webtop?

Installed Roundcube lately, cannot decide between the two.
Big WebTop fan here but seeing some drawbacks too.

It looks like the basic functions run well together, but most likely we would use only one or the other for the new server - no decision yet.

AFAIK the AD-DC container is a “no going back”. Therefore, I suggest installing everything from scratch and attaching piece by piece what you need.
Consider, as an option, having both servers running at the same time, at least for an IMAP sync of the mailboxes.