3.6.0 transition help (thought here was better to ask than 'usrs', since 3.6 isn't out yet).

Thu Jul 21 17:06:03 MDT 2011

Ok , here's my situation.  Took me a while to notice due to 'redundancies'
and things that kept on working in spite of the problems, but too many
things built up and Noticed that my domain logins weren't working anymore
after my upgrade to 3.6 from 3.5.8.

I've been looking at this for a while, to make sure I'm not missing
obvious things, but there seem to be multiple issues at play here so I
don't know really what I'm doing, other than shooting int he dark.

1) I use Winbindd for authentication on my domain -- I had pam all fairly
well config'ed for it, -- that broke and took my first attention, (didn't
realize the implications) I reviewed my pam stack and got something that
seemed to work but that didn't quite make sense according to the docs
(likely because the docs weren't telling me that winbind wasn't using the
local passdb functions that call pam....

Maybe that's just a matter of adding a new config file somewhere.

But the ting that's causing the most grief is that my roaming profile
isn't getting stored on logout, but an old one is getting read in and
wiping out any changes ....

Only by manually editing the profile on the server could I make changes,
but then it stopped using the domain profile <domain>/USER.V2, and is now
**sometimes**, using <domain><computername>/USER.V2.   I even saw a
profile for 'public' in there!  ( didn't create it -- some sw updated the
common public profile -- so it got written out to the server!...found it
suprising but amusing!)

The main problem appears to be centered in disabling backend support that
I used.  I was told that to keep my UID's the way I wanted I had to hand
create a TDB database to match my setup, then I could use the
auto-allocation after that -- I did that...and it worked...right up until
...3.6.

Now backends are out -- so how does one do a manual config where ID's are
already allocated and one doesn't want to rekey the permissions on tons of
files by a change of UID/s and GUIDS?

I can't see anyway to do my old setup, and the new mapping mechanisms, I
know trashed my tdb database at least once (went to backup, but they are
completely hosed again.  group memberships are all messed up...it's a
disaster.

Now I'm a 1-person multi-user network... (multiple personlities?)  and
this is not looking like anything even CLOSE to fun to fix....how are corp
and larger sites gonna love this when it eats their 2000 user db's?

Meanwhile -- ideas on how to fix this ?

Id' try hand-hacking the tdb file, but I don't even know what I an put
there to make it happy.

One message I keep seeing -- lookups set to winbind I think, are looking
up 'in-domain' names under '*' now, and not by the domain name.

Since the DB has all the user/group info under the domain name, '*',
doesn't match.

Ideas on how to move forward without having to re-enter everything by
hand?  (assuming I can find a backup with the old USERDB...