[Samba] Migrated fine except passwords
Kevin B
kevin1a at varlog.net
Thu Aug 11 21:28:55 GMT 2005
Hello,
I migrated 140 users and computer accounts from NT4 to Samba 3.0.14
with ldap today.
Smbldap-tools are the latest stable version from tarball.
No errors during vampire and everyone came over
and the groups and group memberships populated fine.
We couldn't connect to the server as any user from client PC's.
The smbldaptools were set to use SSHA encryption for password attribute but
phpldapadmin showed the passwords as CRYPT with only 8 chars for all users.
I suspect the passwords never came over. In my previous lab, the passwords
migrated as SSHA encryption and worked fine.
I used smbldap-passwd to reset the password for one of the users and it shows
it is now SSHA and phpldapadmin lets me confirm the password.
Remote MS and Linux clients can now connect with the reset password.
I can reset all the user passwords manually but wonder what I may have
missed.
TIA
Kevin
[global]
unix charset = LOCALE
workgroup = GDAY
netbios name = GDAY1
server string = GDAY1
encrypt passwords = Yes
username map = /etc/samba/smbusers
log level = 0
syslog = 0
os level = 35
passdb backend = ldapsam:ldap://localhost
add user script = /usr/local/sbin/smbldap-useradd -m '%u'
#delete user script = /usr/local/sbin/smbldap-userdel '%u'
add group script = /usr/local/sbin/smbldap-groupadd '%g'
#delete group script = /usr/local/sbin/smbldap-groupdel '%g'
add user to group script = /usr/local/sbin/smbldap-groupmod -m '%u' '%g'
#delete user from group script = /usr/local/sbin/smbldap-groupmod -x '%u'
'%g'
set primary group script = /usr/local/sbin/smbldap-usermod -g '%g' '%u'
add machine script = /usr/local/sbin/smbldap-useradd -w '%u'
domain logons = yes
preferred master = no
domain master = no
ldap suffix = dc=domain,dc=net
ldap machine suffix = ou=People
ldap user suffix = ou=People
ldap group suffix = ou=Groups
ldap idmap suffix = ou=Idmap
ldap admin dn = cn=admin,dc=domain,dc=net
ldap ssl = no
idmap uid = 10000-20000
idmap gid = 10000-20000
logon path =
logon drive = H:
wins support = yes
[homes]
comment = Home Directories
valid users = %S
read only = no
browseable = no
More information about the samba
mailing list