[Samba] Easy conversion/import/use of old samba databases(passwords) to samba4?

Vesa Roto vesa.roto at xifof.com
Mon Jun 23 04:42:40 MDT 2014 

Background: A server running samba 3.6.3 on ubuntu 12.04 had a raid
controller failure that also  corrupted the disks. I set up temporary
server by simply installing ubuntu 12.04 and copying over the
configuration(/etc/samba, /var/lib/samba passwd shadow groups gshadow)
from backup to a reserve workstation and it has worked fine as reserve
server.

Setup: uses a single server master domain controller with tdb backend.

Test: The replacement parts arrived and I installed ubuntu 14.04 on
the main server. However ubuntu 14.04 only comes with samba 4.1.6 and
there is no samba 3 package.

Copying over the files and trying it shows that samba 4.1.6 starts
fine with the old configuration and tdb files from the old samba, but
the passwords do not work for users and machines. If I reset the
password manually and rejoin the workstation to the domain things
seems to work.

I would prefer to have the downtime on the server as short as possible.

I tried looking at the samba 3 to 4 transition guides and they all
either seem to have instructions for in place upgrade(that would
require me to install samba3 first on the main server or samba4 on the
temporary server) or by adding an extra server to a domain using ldap.

Anyone have any ideas for how to transfer/set the passwords easiest?

Possible solutions that I see:

Reset all passwords and rejoin machines to the domain manually.
   Not preferred as people are mobile and not all on site in any
reasonable time.

Manually compile and install samba 3 on the server
   Not preferred as maintaining security fixes and such on manual
configs is more work.

Just install ubuntu 12.04 with samba 3.6.x again on the server and do
the ubuntu/samba 4 transition later.
   Probably easiest solution if there is no easy way to transfer the
passwords. Would allow things to work for few years without changes.

Do some sort of conversion so that the user/machine passwords are
moved from samba 3 to 4.
   Would likely be the best solution if there is a fairly easy way to do it.

Any suggestions/ideas/how to guides or such that would help me?

-- 
Vesa Roto

More information about the samba mailing list