NetWare consolidation on zLinux/Samba
jdenis at fr.ibm.com
Thu Sep 27 23:52:02 GMT 2001
Thank you Steven for these informations, we are investigating....
The customer environment and needs are :
Existing 800+ Novell NetWare servers on about 100 locations world-wide
(400 servers on the headquarter site) :
NDS servers (only one NDS structure world-wide)
And some NT servers
Customer concerns :
Keep all the servers updated
Total Cost of Ownership
Customer demand :
Is it possible to consolidate NetWare file servers onto zLinux with
IBM proposed architecture :
Headquarter NetWare file servers consolidation onto a zLinux server
Remote locations NetWare file servers consolidation onto Linux on
Preliminary technical tests :
It seems we cannot propose a migration process from NetWare NDS to
zLinux and/or Samba :
We have been unable to Export NDS informations (on LDIF file)
to Import on zLinux (only UserId and GroupId can be exported,
that far away from what's needed !!!)
The only way today seems to Zip / Ftp / Unzip the files from
NetWare to zLinux, all the NDS informations needed to be manually
entered, which is unacceptable for thousands of users....
The last solution we now imagine is to ask for Novell to port his
eDirectory for Linux software from Intel to zSeries platform (with NDS
Corporate Edition ?)........
So our concern is to be able to propose an acceptable solution to our
customer, to consolidate as much as possible NetWare file servers onto
zLinux with Samba. If you can help us, you will be welcome.
Jocelyn DENIS - Project Technical Leader
IBM ATS EMEA PSSC - eServer zSeries Benchmark Center - Montpellier
Dept: 1458 MOP - Phone: +220.127.116.11.65.39 (Tie: 38-6539) - Fax:
E-mail : jdenis at fr.ibm.com
Steven French at IBMUS
To: Jocelyn Denis/France/IBM at IBMFR
From: Steven French/Austin/IBM at IBMUS
Knowing their migration goals and configuration in more detail could be
helpful. It seems likely that some code/scripts would need to be written
to ease the migration.
Some ideas from the Samba team follow:
Gerald Carter <gcarter at valinux.com> on 09/26/2001 08:22:46 AM
To: Steven French/Austin/IBM at IBMUS
cc: <samba-technical at lists.samba.org>
Subject: Re: Migration from Netware to Samba
On Tue, 25 Sep 2001, Steven French wrote:
> Does anyone know of any existing efforts to describe, document or
> automate NDS migration to Samba (or directly to another LDAP server)?
> I found a few articles describing people's experiences doing
> migrations but they seemed pretty dated.
Not aware of any. Unless NDS is storing the clear text (i know it
can, but don't but doubt this is the default), you will almost certainly
have to generate new lm/nt password hashes.
Hmmm....here's a thought. Is there a pam_nds.so module?
How about using 'update encrypted' with a pam module?
You can then migrate the password hashes to Samba....
Just a thought. I'm assuming the update encrypted code
works with a clear text login using PAM.
Moving shares is another thing because IIRC, netware and WinNT
have different semantics for file sharing are difficult to
map from one to another. FOr example, netware won't display
folders that the user does not have permission to read?
I wonder if the scopy.exe solution (see below) will work with a netware
> Might be fun to write a utility to migrate more easily from a Windows
> 2000 DC to Samba too (i.e. list users, groups, shares on server A then
> create the corresponding entries on server B - then copy the exported
> files/directories under the shares on server A to server B then setup
> similar Access Control on Server B for these directories)
Tim's new samsync stuff (recently ported from TNG) and use scopy.exe
to move files (maintains acls).
www.samba.org SAMBA Team jerry_at_samba.org
--"I never saved anything for the swim back." Ethan Hawk in Gattaca--
Andrew Bartlett <abartlet at pcug.org.au>@pcug.org.au on 09/26/2001 09:20:33
Sent by: abartlet at pcug.org.au
To: Gerald Carter <gcarter at valinux.com>
cc: Steven French/Austin/IBM at IBMUS, samba-technical at lists.samba.org
Subject: Re: Migration from Netware to Samba
Gerald Carter wrote:
> On Tue, 25 Sep 2001, Steven French wrote:
> > Does anyone know of any existing efforts to describe, document or
> > automate NDS migration to Samba (or directly to another LDAP server)?
> > I found a few articles describing people's experiences doing
> > migrations but they seemed pretty dated.
> Not aware of any. Unless NDS is storing the clear text (i know it
> can, but don't but doubt this is the default), you will almost certainly
> have to generate new lm/nt password hashes.
> Hmmm....here's a thought. Is there a pam_nds.so module?
> How about using 'update encrypted' with a pam module?
> You can then migrate the password hashes to Samba....
> Just a thought. I'm assuming the update encrypted code
> works with a clear text login using PAM.
That it does. (or should...)
Senior Software Engineer
Linux Technology Center
phone: 512-838-2294, T/L 678-2294;
pager: 512-480-6393; cell phone: 512-296-4687
email: sfrench at us.ibm.com
More information about the samba-technical