NetWare consolidation on zLinux/Samba

Jocelyn Denis jdenis at fr.ibm.com
Thu Sep 27 23:52:02 GMT 2001 

Thank you Steven for these informations, we are investigating....

The customer environment and needs are :
   Existing 800+ Novell NetWare servers on about 100 locations world-wide
   (400 servers on the headquarter site) :
        File servers
        Application servers
        NDS servers (only one NDS structure world-wide)
        Time servers
        And some NT servers
   Customer concerns :
        Keep all the servers updated
        Administration problems
        Total Cost of Ownership
   Customer demand :
        Is it possible to consolidate NetWare file servers onto zLinux with
        Samba ?
   IBM proposed architecture :
        Headquarter NetWare file servers consolidation onto a zLinux server
        with Samba,
        Remote locations NetWare file servers consolidation onto Linux on
        xSeries.
   Preliminary technical tests :
        It seems we cannot propose a migration process from NetWare NDS to
        zLinux and/or Samba :
             We have been unable to Export NDS informations (on LDIF file)
             to Import on zLinux (only UserId and GroupId can be exported,
             that far away from what's needed !!!)
        The only way today seems to Zip / Ftp / Unzip the files from
        NetWare to zLinux, all the NDS informations needed to be manually
        entered, which is unacceptable for thousands of users....
   The last solution we now imagine is to ask for Novell to port his
   eDirectory for Linux software from Intel to zSeries platform (with NDS
   Corporate Edition ?)........

So our concern is to be able to propose an acceptable solution to our
customer, to consolidate as much as possible NetWare file servers onto
zLinux with Samba. If you can help us, you will be welcome.
Regards.

Jocelyn DENIS  -  Project Technical Leader
IBM ATS EMEA PSSC  -  eServer zSeries Benchmark Center  -  Montpellier
(France)
Dept: 1458 MOP  -  Phone: +33.4.67.34.65.39 (Tie: 38-6539)  -  Fax:
+33.4.67.34.64.75
E-mail : jdenis at fr.ibm.com


Steven French at IBMUS
26/09/2001 19:03

To:   Jocelyn Denis/France/IBM at IBMFR
cc:
From: Steven French/Austin/IBM at IBMUS
Subject:


Knowing their migration goals and configuration in more detail could be
helpful.  It seems likely that some code/scripts would need to be written
to ease the migration.

Some ideas from the Samba team follow:

Gerald Carter <gcarter at valinux.com> on 09/26/2001 08:22:46 AM

To:   Steven French/Austin/IBM at IBMUS
cc:   <samba-technical at lists.samba.org>
Subject:  Re: Migration from Netware to Samba



On Tue, 25 Sep 2001, Steven French wrote:

> Does anyone know of any existing efforts to describe, document or
> automate NDS migration to Samba (or directly to another LDAP server)?
> I found a few articles describing people's experiences doing
> migrations but they seemed pretty dated.

Not aware of any.  Unless NDS is storing the clear text (i know it
can, but don't but doubt this is the default), you will almost certainly
have to generate new lm/nt password hashes.

Hmmm....here's a thought. Is there a pam_nds.so module?
How about using 'update encrypted' with a pam module?
You can then migrate the password hashes to Samba....
Just a thought. I'm assuming the update encrypted code
works with a clear text login using PAM.

Moving shares is another thing because IIRC, netware and WinNT
have different semantics for file sharing are difficult to
map from one to another.  FOr example, netware won't display
folders that the user does not have permission to read?

I wonder if the scopy.exe solution (see below) will work with a netware
server?

> Might be fun to write a utility to migrate more easily from a Windows
> 2000 DC to Samba too (i.e. list users, groups, shares on server A then
> create the corresponding entries on server B - then copy the exported
> files/directories under the shares on server A to server B then setup
> similar Access Control on Server B for these directories)

Tim's new samsync stuff (recently ported from TNG) and use scopy.exe
to move files (maintains acls).








cheers, jerry
 ---------------------------------------------------------------------
 www.samba.org              SAMBA Team              jerry_at_samba.org
 www.plainjoe.org                                jerry_at_plainjoe.org
 --"I never saved anything for the swim back." Ethan Hawk in Gattaca--




Andrew Bartlett <abartlet at pcug.org.au>@pcug.org.au on 09/26/2001 09:20:33
AM

Sent by:  abartlet at pcug.org.au


To:   Gerald Carter <gcarter at valinux.com>
cc:   Steven French/Austin/IBM at IBMUS, samba-technical at lists.samba.org
Subject:  Re: Migration from Netware to Samba



Gerald Carter wrote:
>
> On Tue, 25 Sep 2001, Steven French wrote:
>
> > Does anyone know of any existing efforts to describe, document or
> > automate NDS migration to Samba (or directly to another LDAP server)?
> > I found a few articles describing people's experiences doing
> > migrations but they seemed pretty dated.
>
> Not aware of any.  Unless NDS is storing the clear text (i know it
> can, but don't but doubt this is the default), you will almost certainly
> have to generate new lm/nt password hashes.
>
> Hmmm....here's a thought. Is there a pam_nds.so module?
> How about using 'update encrypted' with a pam module?
> You can then migrate the password hashes to Samba....
> Just a thought. I'm assuming the update encrypted code
> works with a clear text login using PAM.

That it does.  (or should...)

Steve French
Senior Software Engineer
Linux Technology Center
IBM Austin
phone: 512-838-2294, T/L 678-2294;
pager: 512-480-6393; cell phone: 512-296-4687
email: sfrench at us.ibm.com

More information about the samba-technical mailing list