Usage of myldap-pub.py
Charles Tryon
charles.tryon at gmail.com
Fri Nov 12 07:46:14 MST 2010
Greetings!
Mark Rutherford was so kind as to send me his copy of the myldap-pub.py
script, so I have a working copy of the script. (I found a copy in an list
archive, but the indenting was foobared, which really confused Python!)
However, with my still limited knowledge of Samba4 and Python, I'm having a
lot of difficulty figuring out how to use it to migrate users out of my
existing Samba3/Fedora389 setup into a new Samba4 domain I am trying to
build.
I am currently running S4 from the git repository (last pull on 11/11). I
used the HOWTO at http://wiki.samba.org/index.php/Samba4/HOWTO to set up the
domain. I have Dynamic DNS working with DHCP, and I believe Kerberos is
working correctly. I can add users through the "samba-tool", and join both
XP and Windows7 machines to the domain. I even have the Microsoft AD
administrative tools talking to the domain to add or manage users.
My problem is that I would like to migrate over a large number of existing
users and machines to the domain such that if I shut down the old domain and
connect the new one, the users and machines won't know the difference.
What I have done is to provision a clean domain:
sudo /usr/local/samba/sbin/provision --realm=bbaggins.net \
--domain=ARDA \
--domain-sid=S-1-5-21-1104678897-1477468196-890409133
\
--adminpass=Xxxxxxx \
--server-role='domain controller'
I then tried to run the migrate script, trying to guess at the parameters:
./myldap-pub.py \
--ldap_uri=ldap://weathertop.bbaggins.net \ URI of existing
LDAP?
--ldap_binddn="CN=Directory Manager" \ binddn "
--ldap_bindpwd="Yyyyyyy" \ passwd "
--output_basedn="dc=bbaggins,dc=net" \
--input_domain_name=SHIRE \
--input_basedn="dc=bbaggins,dc=net" \
--import_accounts=Users \
--output_users_ou="ou=People"
The response I get is:
Traceback (most recent call last):
File "./myldap-pub.py", line 1934, in <module>
ldap_cmd.run()
File "./myldap-pub.py", line 1927, in run
user_principal_name=options.user_principal_name)
File "./myldap-pub.py", line 449, in __init__
computer_replace_attrs=computer_replace_attrs)
File "./myldap-pub.py", line 1713, in convertObjects
disable_if_no_unicodePwd=True)
File "./myldap-pub.py", line 1371, in convert_sambaSamAccount
assert keep != remove, 'keep[%s] remove[%s] error attr[%s] in: %s\n' %
(str(keep), str(remove), attr, str(old))
AssertionError: keep[False] remove[False] error attr[ntUserDomainId] in:
{'cn': ['Sam Tryon'], 'objectClass': ['top', 'person', 'account',
'organizationalPerson', 'inetorgperson', 'ntuser', 'posixAccount',
'sambaSamAccount'], 'uidNumber': ['11008'], 'sambaAcctFlags': ['[U
]'], 'sambaPrimaryGroupSID':
['S-1-5-21-1104678897-1477468196-890409133-513'], 'uid': ['sam'],
'sambaHomePath': ['\\\\weathertop\\homes\\'], 'userPassword': ['{crypt}'],
'sambaProfilePath': ['\\\\weathertop\\profiles\\sam'], 'sambaPwdMustChange':
['7776000'], 'mail': ['laadass at gmail.com'], 'sambaLogonScript':
['OMLOGON.CMD'], 'loginShell': ['/bin/bash'], 'gidNumber': ['5004'],
'sambaPwdLastSet': ['1288209778'], 'sambaNTPassword':
['FAE44DBF10C32BEB313D3DDF1235280D'], 'ntUserDomainId': ['Sam.Tryon'],
'homePhone': ['770-631-3448', '770-851-2879'], 'telephoneNumber': ['5207'],
'sambaHomeDrive': ['N:'], 'sambaSID':
['S-1-5-21-1104678897-1477468196-890409133-11008'], 'gecos': ['Sam Tryon'],
'sn': ['Tryon'], 'homeDirectory': ['/home/sam'], 'givenName': ['Sam']}
Any hints on what is going on here?
--
Charles Tryon
_________________________________________________________________________
"It's the job that's never started that takes longest to finish."
-- Samwise Gamgee
More information about the samba-technical
mailing list