[Samba] Migrate NT PDC to SAMBA PDC

John H Terpstra jht at samba.org
Mon Jul 7 14:21:36 GMT 2003 

On Mon, 7 Jul 2003, blob wrote:

> Hi all,
>
> I'm trying to migrate NT PDC server to Samba PDC.
> and now i use samba 3.0.0beta2.
> I looks the migration steps from samba-howto-collection.pdf or
> in http://us2.samba.org/samba/ftp/cvs_current/docs/htmldocs/nt4migration.html,
> and it's not works well. The step is :
>
> ********
> The approximate migration process is described below.
> " You will have an NT4 PDC that has the users, groups, policies and profiles
> to be migrated
> " Samba-3 set up as a DC with netlogon share, profile share, etc.
>
> The Account Migration Process
> 1. Create a BDC account for the samba server using NT Server Manager
>    a) Samba must NOT be running
> 2. rpcclient NT4PDC -U Administrator%passwd
>    a) lsaquery
>    b) Note the SID returned
> 3. net getsid -S NT4PDC -w DOMNAME -U Administrator%passwd
>    a) Note the SID
> 4. net getlocalsid
>    a) Note the SID, now check that all three SIDS reported are the same!
> 5. net rpc join -S NT4PDC -w DOMNAME -U Administrator%passwd
> 6. net rpc vampire -S NT4PDC -U administrator%passwd
> 7. pdbedit -L
>    a) Note - did the users migrate?
> 8. initGrps.sh DOMNAME
> 9. net groupmap list a) Now check that all groups are recognised
> 10. net rpc vampire -S NT4PDC -U administrator%passwd
> 11. pdbedit -Lv
>    a) Note - check that all group membership has been migrated
> Now it is time to migrate all the profiles, then migrate all policy files.
> More later.
> ******************
>
> The problem is:
> 1) when using command "net rpc vampire..." (step 6), i found some message
> bellow:
> [2003/07/07 16:25:59, 1] utils/net_rpc_samsync.c:fetch_account_info(454)
>   SAM Account for beda failed to be updated in the passdb!
> 2) In step 7 & 11, i found some message like this :
> build_sam_account: smbpasswd database is corrupt!  username lain with uid 2 is
> not in unix passwd database!
> 3) I can't found file "initGrps.sh" (step 8)
>
> Can anybody tell me what is the problem?
> is there anybody doing this with successfull?

The underlying idmap code is still changing. Many things have changed in
how the migration will work. Please wait for Beta3. By the time Beta3
ships this should be stable and I will then update the procedure so it
will work.

You are correct that it is not fully functional right now.
Also, make sure that you have correctly  configured scripts for the
following:

       add user script = /usr/sbin/useradd -m %u
       delete user script = /usr/sbin/userdel -r %u
       add group script = /usr/sbin/groupadd %g
       delete group script = /usr/sbin/groupadd %g
       add user to group script = /usr/sbin/usermod -G %g %u
       add machine script = /usr/sbin/useradd -s /bin/false -d /dev/null %u

- John T.
-- 
John H Terpstra
Email: jht at samba.org

More information about the samba mailing list