Replacing NT4 PDC with Samba 2.2.2

Wed Dec 19 12:07:09 GMT 2001

Hi David and Allen,
i try the same. replacing a win2000K PDC with samba. I faild for a week now.
but there seem to be authentification errors. I use encrypted passwords, set
up named and machine accounts in passwd, shado and smbpasswd etc. but it
doesn't work.
But until now I never heard of a SID or RID. What is this SID ?
I have to say, that I never administered a win network. ;-)
- FRankie
***************************************************
Und Linux sagte: You don't exist! Go away!
----- Original Message -----
From: David Kadlec <david.kadlec at unicorn.cz>
To: <samba at samba.org>
Sent: Wednesday, December 19, 2001 12:55 PM
Subject: Re: Replacing NT4 PDC with Samba 2.2.2


> Hello,
>
> we went through same scenario few days ago. The problem is with SID
> creation - Samba does not make user's
> SID as domainSID-userUID as you can maybe think. Instead it does it like
> domainSID-(UID*2+1000). So they
> have different SID on NT and Samba domain. You can construct UIDs of user
> from their RID with reverse prodedure
> (UID=(RID-1000) /2 ), but if you have some with odd RID, you dont have a
> chance.
>
> David Kadlec
>
> ----- Original Message -----
> From: "Tim Allen" <timallen at ls82.fsnet.co.uk>
> To: <samba at lists.samba.org>
> Sent: Wednesday, December 19, 2001 8:58 AM
> Subject: Replacing NT4 PDC with Samba 2.2.2
>
>
> > Hi
> >
> > Haven't seen any responses to my earlier post (Transferring PDC duties
to
> > Samba) so here's a slightly different approach I'm trying which someone
> can
> > hopefully shed some light on.
> >
> > Is it possible to transfer domain-specific data from an NT4 PDC to a
Samba
> > 2.2.2 server, switch off the NT4 machine, set up smb.conf, switch on the
> > Samba box such that the attached NT4/Win2000 workstations are blissfully
> > unaware that the PDC has changed? In other words, doing the equivalent
of
> > setting up Samba as a BDC then promoting it to PDC, albeit manually.
> >
> > So far, I've done the following:
> >
> > Extracted the workstation machine accounts from the NT4 server using
> pwdump
> > and inserted into smbpasswd.
> > Made the corresponding additions to /etc/passwd and etc/shadow.
> > Extracted the NT4 SID and inserted into MACHINE.SID.
> > Specified the netbios name to be that of the NT4 server in smb.conf.
> >
> >
> > Doing the above does allow a login from one of the workstations, but the
> > workstation considers this to be a new user, which is exactly what I'm
> > trying to avoid, as the local profiles for each user are then lost. A
log
> > error message is also generated at login:
> >
> > Dec 18 16:19:28 golux smbd[15238]: [2001/12/18 16:19:28,
> > 0]rpc_server/srv_netlog.c:api_net_sam_logon(208)
> > Dec 18 16:19:28 golux smbd[15238]:   api_net_sam_logon: Failed to
marshall
> > NET_R_SAM_LOGON.
> > Dec 18 16:19:28 golux smbd[15238]: [2001/12/18 16:19:28, 0]
> > rpc_server/srv_pipe.c:api_rpcTNP(1204)
> > Dec 18 16:19:28 golux smbd[15238]:   api_rpcTNP: api_netlog_rpc:
> > NET_SAMLOGON failed.
> >
> > Any advice much appreciated.
> >
> > Tim Allen
> >
> >
> >
> > --
> > To unsubscribe from this list go to the following URL and read the
> > instructions:  http://lists.samba.org/mailman/listinfo/samba
> >
>
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  http://lists.samba.org/mailman/listinfo/samba