[Samba] XP Machines/profiles/migration issues

Buchan Milne bgmilne at cae.co.za
Tue Apr 1 15:41:31 GMT 2003

Hash: SHA1

> Date: 01 Apr 2003 10:11:01 +1000
> From: richard <rcoates at bigpond.net.au>
> To: Anthony Hardy <mis at jdcc.edu>
> Cc: "samba at lists.samba.org" <samba at lists.samba.org>
> Subject: Re: [Samba] XP Machines/profiles/migration issues
> Message-ID: <1049155862.2283.18.camel at mynewbox>
> In-Reply-To: <00d301c2f7b0$f390c0d0$fb020a0a at misdir>
> References: <00d301c2f7b0$f390c0d0$fb020a0a at misdir>
> Content-Type: text/plain
> MIME-Version: 1.0
> Content-Transfer-Encoding: 7bit
> Precedence: list
> Message: 5
> I'm no expert on Xp profiles but..doesen't xp assign a sid to each user
> in the profile. I believe you'll have to create your new domain-user on
> new server THEN copy old profile over newly created one (using xp user
> tools). There have posts on how to do this earlier this year. regards,
> Richard Coates.

Well, this will not fix the ntuser.dat, since the ACLs in the file will
still have the old SIDs.

> On Tue, 2003-04-01 at 04:11, Anthony Hardy wrote:
>>> well . would help if i didn't hit the send key before pasting in the
>>> original msg . once again . my apologies
>>> btw . helpful info:
>>> mandrake rpms at 2.2.7a, mandrake 9.0 . .all patches applied.
>>> I just sent this . but realized i sent it from the wrong email addy
. want
>>> to make sure it gets thru to the list . so i'm resending . i
apologize if
>>> both copies make it thru.
>>> problem:
>>> migrating from one server to another .  . .physical and software
>>> copied all profiles and am in the process of adding a new automated
>>> for domain management (mysql backend, blah balh) so the uid's
changed for
>>> each user.

Are you using the samba mysql sam backend (is that in 2.2.x, if not, you
 may want to try samba3).

Also, LDAP may be a better backend for 2.2.x.

>>> this is what how i THOUGHT things would work:
>>> 1. everyone logs out
>>> 2. shutdown samba on old server
>>> 3. add new users to new server
>>> 4. transfer ALL data to new server, including profiles, setup
permissions on
>>> files to correspond with new uids
>>> 5. finish config of smb.conf on new server, adding the proper
shares, etc .
>>> basically a mirror of the old box.
>>> 6. start up new server . . .login 9x machines for testing.
>>> 7. rejoin all XP machines to the domain, and i should have been good
to go.
>>> the problem lies in that once i rejoin an XP machine (testing with a
>>> right now) is that the profiles don't load properly.  the user logs in,
>>> everything "seems" to be ok . in that the desktop icons are present,
>>> apps seem to work . .but pieces are broken.

Chances are that if you need to rejoin machines to the domain, you are
going to need to fix the profiles. You should aim not to need to rejoin

>>> for example . . .OE or outlook . broken.  it's like the ntuser.dat file
>>> doesn't get pulled .. .

Probably becuase the ACLs in the profile itself don't allow the user to
read the settings.

>>> i noticed that under documents and settings on the local machines HD the
>>> owner wasn't correct for the correct profile directory (normally,
just the
>>> user name) and upon logging in . there was a new profile directory
>>> username.domain.  That "should" have been fine i thought . .as long
as  the
>>> profile was copied from the network . but it's NOT being copied .
. . .so
>>> i tried different machines . and various tests . from rejoining the
>>> and changing permission BEFORE logging in as the user to  . .well .
>>> everything i can think of.

If you don't repair the profile, you will have to delete it first.

>>> so . my question is two fold . .is there any reason an XP machine
that DID
>>> copy profiles from the network BEFORE the change wouldn't copy them now?

Yes, the SIDs have changed.

>>> logon path and logon home variables are the SAME and my 9x machines WORK
>>> fine

98 doesn't have SIDs, NT, 2k and XP do.

>>> . .i've got about 100 XP machines out there tho .  .and i NEED this to
>>> work . .or i'm going to attempt to go back to the old server.

It may be possible for you to fix this using the profiles binary in
samba3. Easiest way for you to do that is to install samba3-server and
samba3-common alpha22 (haven't gotten around to building alpha23 yet
...) from here:


These packages are made to parallel-install with Mandrake samba-2.2.x
RPMs, so they are safe to use (just check the smb3 is off with chkconfig
after installing it)

Then,  run
# profiles3

I have forgotten how to use it, but just read the --help, iy has an
option for changing SIDs.

Just ensure your existing profiles are backed up.


- --
|--------------Another happy Mandrake Club member--------------|
Buchan Milne                Mechanical Engineer, Network Manager
Cellphone * Work            +27 82 472 2231 * +27 21 8828820x121
Stellenbosch Automotive Engineering         http://www.cae.co.za
GPG Key                   http://ranger.dnsalias.com/bgmilne.asc
1024D/60D204A7 2919 E232 5610 A038 87B1 72D6 AC92 BA50 60D2 04A7
Version: GnuPG v1.2.1 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org


More information about the samba mailing list