[Samba] Migration to 3.0.2a

Andrew Bartlett abartlet at samba.org
Sat Feb 21 21:47:10 GMT 2004 

On Sun, 2004-02-22 at 06:54, Jacek Palka wrote:
> Hi,
> 
> I know this issue has already been handled several times, but I couldn’t
> find any clear description of the procedure.
> 
> I have Samba 2.2.5 running as a PDC on a RedHat 7.3 box, which I’d like to
> migrate to 3.0.2a now. Both versions are compiled from source using
> different prefixes (/usr/local/samba and /usr/local/samba3), so I can still
> use the old version until I get the new one working.
> 
> What I have done until now was the following:
> 
> 1.	stopped samba-2
> 2.	copied files smb.conf, secrets.tdb, smbpasswd and all the *.tdb (and
> browse.dat) files to the respective location within the samba3 directory
> tree.
> 3.	I’ve changed all the necessary paths in the smb.conf file to point out
> the right locations within the new, samba3 directory structure.
> 4.	I’ve checked the file by running “testparm”
> 5.	I’ve extracted the SID by running “net getlocalsid” command
> 6.	removed secrets.tdb from samba3 and run “net setlocalsid
> <extracted_value>”. This created a new version of the file.

There is no need for this step.  That's why you copied the secrets.tdb
in the first place, and 'net setlocalsid' would overwrite an old sid
anyway.

> 7.	started samba3. I could see the Samba server from my W2k pro box, but
> when trying to access it, I just got the login dialog, but couldn’t log in.
> 8.	tested also “pdbedit –Lv”, but couldn’t see anything wrong.
> 9.	I’ve also tried to migrate my user accounts using “pdbedit -i
> smbpasswd -e tdbsam”, but the result was the same.
> 
> What I did wrong? I’ve been using Samba in many years, but actually I’m no
> so experienced in the subject. So I hope there is a guru out there who can
> guide me through the process.

In your smbpasswd file, are the last change times (LCT-) zero?  Ie, do
they look like LCT-000000 or LCT-2DA4278 ?  If they are zero, then as
per the release notes for 3.0.2a, you need to change them to (at the
very least) LCT-000001.  The problem is, that 0 is not a valid last
change time, and we use that to tell if your smbpasswd file might have
been bitten by the security issues in 3.0.0 and 3.0.1.

Andrew Bartlett

-- 
Andrew Bartlett                                 abartlet at pcug.org.au
Manager, Authentication Subsystems, Samba Team  abartlet at samba.org
Student Network Administrator, Hawker College   abartlet at hawkerc.net
http://samba.org     http://build.samba.org     http://hawkerc.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba/attachments/20040222/3f4b435d/attachment.bin

More information about the samba mailing list