New user passwords?

Charles Tryon charles.tryon at gmail.com
Sun Oct 16 18:03:55 MDT 2011 

On Fri, Oct 14, 2011 at 5:41 PM, Andrew Bartlett <abartlet at samba.org> wrote:

> On Fri, 2011-10-14 at 17:35 -0400, Charles Tryon wrote:
> > On Fri, Oct 14, 2011 at 5:27 PM, Andrew Bartlett <abartlet at samba.org>
> wrote:
> >
> > > On Fri, 2011-10-14 at 17:18 -0400, Charles Tryon wrote:
> > > > When using samba-tool to create new Samba4 users from the command
> line,
> > > is
> > > > there any way to:
> > > >
> > > >     (1) specify the Unix userid (xidNumber) on the command line
> > > >
> > > >     (2) specify the password using an existing password hash, for
> > > example,
> > > > from the output of "pdbedit -L -w" on an existing Samba3 box?
> > >
> > > If you wish to upgrade users from Samba3, see the 'samba-tool domain
> > > samba3upgrade' command.
> > >
> > > This python script also gives a good example about how you might
> perform
> > > other manual imports of users.
> > >
> > > Andrew Bartlett
> > >
> >
> >
> > Unfortunately, my old domain is based on a pretty old version of Samba
> > (3.0.9-2) and basically barfs the samba3upgrade script.
>
> What fails?  I'm happy to make reasonable modifications to the script to
> have it import older databases.  It runs (mostly) the same backend code
> that an upgrade to Samba 3.6 would trigger, so it should be pretty
> reasonable to fix these issues.
>

I'll see if I can replicate the error and give you some more specifics.
 This was a pretty old database, running on a very tweaked out Linux
install, which has already gone through a couple of migrations, and there
are likely Bad Things in it to cause the error, so it's altogether possible
that it's not the fault of the script.

The Samba4 project has a very good HOWTO, which though there are sometimes
problems, I've noticed that people are working to keep it up to date, and
it's been HUGELY helpful getting Samba4 running.  I'm wondering if there is
any sort of guide to the conversion process.  There is some help in the
script itself, and sometimes you get an error message, but for someone who
hasn't been immersed in it's function, I feel pretty clueless.  Any kind of
pointers would be helpful...

What I have done is copy over the old /etc/samba (with the contained tdb
user databases) and /usr/lib/samba to the new Samba4 system.  I've then run
the tool:

<samba4:ctryon>? sudo /usr/local/samba/sbin/samba-tool domain samba3upgrade
 --libdir /usr/lib/samba3 -d 256 /etc/samba3/smb.conf
[sudo] password for ctryon:
INFO: Current debug levels:
  all: 256
  tdb: 256
  printdrivers: 256
  lanman: 256
  smb: 256
  rpc_parse: 256
  rpc_srv: 256
  rpc_cli: 256
  passdb: 256
  sam: 256
  auth: 256
  winbind: 256
  vfs: 256
  idmap: 256
  quota: 256
  acls: 256
  locking: 256
  msdfs: 256
  dmapi: 256
  registry: 256
lpcfg_load: refreshing parameters from /usr/local/samba/etc/smb.conf
params.c:pm_process() - Processing configuration file
"/usr/local/samba/etc/smb.conf"
Processing section "[global]"
Processing section "[netlogon]"
Processing section "[sysvol]"
pm_process() returned Yes
Reading smb.conf
lp_load_ex: refreshing parameters
Initialising global parameters
rlimit_max: increasing rlimit_max (1024) to minimum Windows limit (16384)
params.c:pm_process() - Processing configuration file "/etc/samba3/smb.conf"
Processing section "[global]"
doing parameter wins support = yes
doing parameter dns proxy = yes
doing parameter message command = bash -c 'cat %s | logger -t %f' &
doing parameter name resolve order = wins bcast
doing parameter security = user
doing parameter time server = yes
doing parameter server string = ""
doing parameter interfaces = 10.4.1.1/23
doing parameter username map = /etc/samba/smbusermap
doing parameter printing = lprng
doing parameter load printers = yes
doing parameter printcap = /etc/printcap
doing parameter cups options = "raw"
doing parameter printer admin = @dom_admin
WARNING: The "printer admin" option is deprecated
doing parameter print command = /usr/bin/lpr -P%p -Ccut.no_ff %s; rm %s
doing parameter socket options = TCP_NODELAY IPTOS_LOWDELAY SO_KEEPALIVE
SO_RCVBUF=8192 SO_SNDBUF=8192
doing parameter read raw = no
doing parameter large readwrite = yes
doing parameter kernel oplocks = yes
doing parameter veto oplock files = /*.mdb/*.MDB/*.dbf/*.DBF
doing parameter smb ports = 139 445
doing parameter force create mode = 660
doing parameter directory mask = 2770
doing parameter force directory mode = 2000
doing parameter dos filetimes = yes
doing parameter min print space = 2048
doing parameter veto files = lost+found/proc/dev
doing parameter read only = no
doing parameter dos filetime resolution = yes
doing parameter passdb backend = tdbsam guest
doing parameter encrypt passwords = yes
doing parameter unix password sync = yes
doing parameter passwd program = /usr/local/sbin/sysadm-samba.pl--changepw=%u
doing parameter passwd chat = *new*password* %n\n *changed*
doing parameter passdb backend = tdbsam
doing parameter add machine script = /usr/sbin/adduser -n -g machines -c
Machine -d /dev/null -s /bin/false %u
doing parameter logon drive = N:
doing parameter logon home = \\%L\%U
doing parameter logon path =
doing parameter netbios name = ADAM
doing parameter netbios aliases = NTINSTALL
doing parameter name cache timeout = 60
doing parameter workgroup = OMUSA
doing parameter dos charset = CP850
doing parameter debug level = 1
WARNING: The "null passwords" option is deprecated
WARNING: The "password level" option is deprecated
WARNING: The "share modes" option is deprecated
WARNING: The "share modes" option is deprecated
Provisioning
ERROR(<type 'exceptions.IOError'>): uncaught exception - [Errno 2] No such
file or directory
  File
"/usr/local/samba/lib/python2.6/site-packages/samba/netcmd/__init__.py",
line 135, in _run
    return self.run(*args, **kwargs)
  File
"/usr/local/samba/lib/python2.6/site-packages/samba/netcmd/domain.py", line
629, in run
    useeadb=eadb)
  File "/usr/local/samba/lib/python2.6/site-packages/samba/upgrade.py", line
472, in upgrade_from_samba3
    secrets_db = samba3.get_secrets_db()
  File
"/usr/local/samba/lib/python2.6/site-packages/samba/samba3/__init__.py",
line 393, in get_secrets_db
    return SecretsDatabase(self.privatedir_path("secrets.tdb"))
  File
"/usr/local/samba/lib/python2.6/site-packages/samba/samba3/__init__.py",
line 61, in __init__
    self.tdb = tdb.Tdb(file, flags=os.O_RDONLY)


Looks like a missing file it's assuming will be there, but I'm not seeing
which file that is.




>
> Andrew Bartlett
>
> --
> Andrew Bartlett                                http://samba.org/~abartlet/
> Authentication Developer, Samba Team           http://samba.org
>
>


-- 
    Charles Tryon
_________________________________________________________________________
      "It's the job that's never started that takes longest to finish."
                                 -- Samwise Gamgee

More information about the samba-technical mailing list