samba3upgrade clarification on groups
Andrew Bartlett
abartlet at samba.org
Thu May 24 16:06:59 MDT 2012
On Thu, 2012-05-24 at 14:57 -0400, Charles Tryon wrote:
> I was doing some updates to the samba-tool samba3upgrade Wiki page, and I
> just had a quick question for people who have been using this tool...
>
> My Samba3 DC uses the older tdb backend rather than LDAP. To the best of
> my knowledge, the migration tool does NOT know how to convert the
> /etc/group file when migrating to the new domain, so I've simply written a
> couple line script which slurps up the group file and issues commands to
> create the groups in the new Samba4 domain.
The samba3upgrade tool does know how to read /etc/group, if that file is
installed on the system doing the upgrade. It reads it via the same
methods that Samba3 uses to make members part of their groups at
runtime, as well as the methods for enumerating group members. Both of
these are nss calls in this instance.
If there is a desire to upgrade from a 'group' file not installed on the
system, I will happily accept patches to do that (ie parse it in
python).
> My question is: If you are using an LDAP back end, then does the tool
> normally build the groups for you? I know I've seen indications that there
> are situations where the groups fail to build correctly, but that makes it
> sound like it normally does work. Since this is not behavior I've seen
> myself, I just wanted to note this in the HOWTO.
If you know of any situation where groups fail to migrate, please let me
know, and we can fix it. We need to remove notes to the contrary from
the wiki page.
Andrew Bartlett
--
Andrew Bartlett http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
More information about the samba-technical
mailing list