[Samba] PDC Migration to Samba

[Tim Allen]

Hi

Haven't had any responses to this earlier posting. Since the clients are
generating new user.000 profiles on the client machines, I'm assuming that
for whatever reason they've decided that this is a new domain. Can anyone
throw any light on why this may be the case, even though I've brought in the
SID from the NT4 PDC as described in 2. below?

Thanks in advance

Tim Allen


> I've been trying to finally switch off our NT4 PDC over the last few
months
> and transfer PDC duties to our Samba file server. Although I have no
> difficulty in getting the Samba box to authenticate users as the PDC, I
have
> never been able to migrate the user's settings over. As far as the clients
> (NT4 and W2K) are concerned, users effectively start with a "clean slate"
> i.e. effectively a new user (or existing user on a new machine), on
logging
> on to the Samba PDC for the first time.
>
> We've never used roaming profiles, they're all local because all our
clients
> are set up very differently.
>
> Steps taken to migrate users:
>
> 1. Extracted user and machine accounts from NT4 PDC using pwdump2 to
> generate smbpasswd.
> 2. Obtained domain SID from NT4 PDC using rpcclient lsaquery and placed in
> MACHINE.SID.
> 3. Matched /etc/passwd to smbpasswd (user and machine accounts). Globally
> changed uid's on all files on Samba box to match uid's from NT4 PDC.
> 4. Added PDC stuff to smb.conf.
> 5. Deleted secrets.tdb. Switched off NT4 PDC and restarted Samba.
>
> Log on from client as existing user with no problem but get the "Welcome
to
> Windows" dialog as for new user at the client machine. What is the client
> noticing that's different??!! The Netbios names for the NT4 and Samba
> machines are (naturally) different. Is that an issue? Even though we're
not
> using roaming profiles, is there further stuff I need to bring over from
the
> NT4 PDC?
>
> If anyone can tell me where I'm going wrong here I'd be very grateful.
>
> smb.conf below.
>
> Tim Allen
>
> # Global parameters
> [global]
>         workgroup = DCAE
>         netbios name = GOLUX
>         server string = Samba Server
>         encrypt passwords = Yes
>         username map = /usr/local/samba/lib/smbusers
>         log level = 3
>         log file = /var/log/samba/log.%m
>         max log size = 500
>         large readwrite = Yes
>         time server = Yes
>         socket options = TCP_NODELAY IPTOS_LOWDELAY SO_SNDBUF=8760
> SO_RCVBUF=8760
>         logon path =
>         logon home =
>         domain logons = Yes
>         preferred master = True
>         domain master = True
>         dns proxy = No
>         printer admin = @ntadmin
>         hosts allow = 192.168.1. 127.
>         printing = lprng
>         oplocks = No
>
> [print$]
>         path = /usr/local/samba/printers
>         write list = @ntadmin,root
>         guest ok = Yes
>
> [hp_lj3p]
>         path = /shared/printers/spool
>         printable = Yes
>         print command = lpr -Fb -r -P %p %s
>         printer name = lp
>
> [Apps]
>         comment = Applications
>         path = /shared/Apps
>         read only = No
>         create mask = 0644
>
> [homes]
>         comment = Home Directory
>         path = /home/%S/pchome
>         read only = No
>         create mask = 0700
>         directory mask = 0700
>         browseable = No
>
> [netlogon]
>         path = /usr/local/samba/netlogon
>         write list = ntadmin,root