Right now I have a slightly rigged IT environment using ZCS NE 5.0.2 on Ubuntu 6.06.2 x86 plus the POSIX and SAMBA zimlets to provide a NT4-style domain from Samba3 on my main Debian Etch file server.

As nice as this has been for the year or so I've been using it, I'm outgrowing the NT domain and have decided to move up to proper AD running on Windows Server 2008. At the same time, I'm standardizing my infrastructure and reluctantly ditching Debian for Ubuntu LTS editions. My new Zimbra host will be running Ubuntu 8.04 x64 and everything will be running within ESXi (now that it's free, why not). The file server will also be migrated over the same way.

I'm looking for any input on how to keep the user side of this move as painless as possible. The file server is the easy part, I've already associated Linux+Samba with AD in tests without trouble. The part I'm having trouble with is how to change from the current setup where ZCS is the core of the authentication system over to using AD for everything without losing users or data. I don't care if they have to reset their passwords, but everything else needs to be painless for the user and as simple as possible for me. I don't mind getting my hands dirty, my current ZCS server has a hand-compiled network driver and some homebrew backup scripts, but I am very busy with day-to-day so the easier the better on the migration.