[OmniOS-discuss] Migration of OpenSolaris fileserver from one AD forest to another AD forest

[Lawrence Giam]

Hi All,

I have a server running OpenIndiana as a file server that is joined to a AD
forest and sharing out the zfs folders as smb shares.
I followed the steps to join OpenSolaris into a windows AD environment and
this is the step:
1. Setup the OI server to have IP address in AD forest
2. Configure DNS setup
3. Check SMB server libraries are installed
4. Configure /etc/krb5/krb5.conf to use the server in the AD forest
5. Join the OI server to the AD forest
6. Setup mapping of users and groups between systems
    - idmap add 'winuser:administrator at abc.internal' 'unixuser:root'
7. Enable mapping of unresolvable SIDs
    - svccfg -s idmap setprop config/unresolvable_sid_mapping = boolean:
true

Note: I have alot of SMB shares on this OI server.

Now I have to move the OI server to another AD forest so I would like to
know what is the proper steps to do this.

Should I be doing the following:
1. Disjoin the OI server from AD forest A
2. Update the IP address, resolv.con, krb5.conf
3. Sync the time to the new AD forest B
4. Join the OI server to AD forest B
5. Setup mapping of users and groups between systems
    - idmap add 'winuser:administrator at xyz.internal' 'unixuser:root'

Question:
1. Should I remove the mapping of users and groups after disjoin from AD
forest A?
    - idmap remove  'winuser:administrator at abc.internal' 'unixuser:root'

Thanks & Regards.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://omniosce.org/ml-archive/attachments/20170202/c4802fe3/attachment.html>