Copying the SAM to UNIX

Todd Sabin tas at webspan.net
Sun Oct 15 16:17:14 GMT 2000


Richard Sharpe <rsharpe at ns.aus.com> writes:

> Hi,
> 
> I have an interesting and possibly unique situation where I want to take an
> exiting SAM, full of accounts and NT password hashes, and move it to UNIX
> (probably FreeBSD). I would like to move to be as transparent as possible.
> 
> I am suggesting that I can use pwdump2 to extract the SAM in a format to
> put into /etc/smbpasswd or whatever, and use PAM to authenticate users with.
> [...]
>
> Anyone have any comments?
> 

Hi,

I'm not totally up to date on current Samba capabilities, but I think
you may find this to be quite difficult.  The problem is in making it
relatively transparent to the users.  When you convert from your SAM
to smbpasswd, Samba is going to map the user's unix uid's to different
RIDs than they had on NT.  This will make things rather un-transparent
to users.

I did a migration from an NT PDC to samba quite a while ago on my home
network.  I did manage to make it transparent to the users (all two of
us :)), but it was somewhat painful, and involved a _really_ gross
hack to make the RIDs turn out the way I wanted.  I'm not sure it
would work for a large number of users/machines.

If you want, I could try to describe the process I went through, but
it was over a year ago and I've probably forgotten some of it.  The
gross hack I used was in lib/domain_namemap.c where I just hard-coded
the uid <--> RID mapping that I needed for me and my wife.


Todd




More information about the samba-ntdom mailing list