samba 3.0.x to Samba-3.2.x PDC/LDAP migration problem
Ignacio Coupeau
icoupeau at unav.es
Wed Sep 24 10:38:37 GMT 2008
I'm have been a year out of the samba arena, so I apologize if the
question is too trivial.
We are testing the migration of our domain PDC, BDCs, ldap, etc, with
several thousand WS, from samba-3.0.2x to samba-3.2.3. (as matter of
fact I use samba+LDAP from the samba-1.8pre days: thanks TEAM).
The official documentation about this upgrade is empty:
35.1.1 Upgrading from Samba-3.0.x to Samba-3.2.0, also in the web.
After some reading, I changed the samba.schema, added some index for the
new attrs, etc. The smb started well, and somethings as
smbpasswd -a <user>
goes well. The dn used in the ldap connections are the usual:
base="ou=smb,o=accounts,dc=..."
But the (very big) problem is that any "domain" operation: add WS, join,
etc., uses a dn as base like this:
base="sambaDomainName=UNAV-PDC-01,sambaDomainName=unav-pdc-01,ou=smb,o=accounts,dc=..."
and filter
filter="(&(objectClass=sambaTrustedDomainPassword)(sambaDomainName=unav-pdc-01))"
1. The dn shows an additional "sambaDomainName=UNAV-PDC-01" in
uppercase, added by samba;
2. As we don't have any trusted relation at this moment, the LDAP don't
have any objectClass=sambaTrustedDomainPassword. I tried
"allow trusted domains = No", but the dn remains incorrect.
I follow every link I found, but nothing.
In the code, the function that appends the "extra" domain is
source/passdb/pdb_ldap.c:get_trusteddom_pw_int()
....
filter = talloc_asprintf(talloc_tos(),
"(&(objectClass=%s)(sambaDomainName=%s))",
LDAP_OBJ_TRUSTDOM_PASSWORD, domain);
....
but as I don't have any trust relationship, this call should be skipped
or the result ignored, right?
I tested some shortcuts without any luck:
a. add a trusted domain o PDC membership, but the PDC uses the the long dn;
b. create the sambaTrustedDomainPassword oc, but requires attributes I
don't know how initialize (like previous clear passwd, etc.)
May some one enlighten me a bit?
Thanks in advance,
Ignacio
--
________________________________________________________
Dr. Ignacio Coupeau
Systems and Network Services Director
IT Services
University of Navarra http://www.unav.edu/
Pamplona, SPAIN http://www.unav.es/SI/
More information about the samba-technical
mailing list