[Samba] Re: Samba 3 Beta3 using LDAP and NT4 Migrate

Failed Access mdonovan at edwtech.com
Wed Jul 23 16:24:10 GMT 2003 

(totally new to this gig but...)
I think the net getsid command should be
net rpc getsid

without the SID NT wont like you (well as far as I can see anyhow)
Hope that helps :c)

Matt D.

Peter S. Calvert wrote:
> Hi,
> 
> I am trying a test of migrating a NT4 Domain to Samba 3 Beta 3 configured to
> use LDAP on Redhat 8.  Is this possible?
> 
> Details
> -------
> I previously had Beta 2 on LDAP running as it's own domain controller
> without problem and could create users (in LDAP) with smbpasswd -a.  XP
> clients could join and login OK.
> 
> Now I have flushed that setup and have loaded Beta 3 configured to use LDAP,
> installed a test NT4 domain controller and tried the NT4 migration steps
> (Samba (nmbd, smbd) was not running as per instructions).
> 
> (1) the LDAP schema changed from Beta2 -> Beta3, this was not mentioned in
> the release notes.  This was relatively simple to fix.
> 
> (2) the "net getsid" command:
>     net getsid -S NT4PDC -w DOMNAME -U Administrator%passwd
> does not exist?  Is there an equivalent?
> 
> I skipped this step.
> 
> (3) "net getlocalsid" returns, none set!.  I ran "net setlocalsid" and gave
> it the SID from "rpcclient NT4PDC -U Administrator%passwd".
> 
> (4) net join appeared to work well.
> 
> (5)  the net rpc vampire command fails:
> Fetching DOMAIN database
> SAM_DELTA_DOMAIN_INFO not handled
> Creating unix group: 'Domain Admins'
> Creating unix group: 'Domain Users'
> Creating unix group: 'Domain Guests'
> Creating account: Administrator
> Creating account: Guest
> Creating account: TESTPDC$
> Creating account: user1
> Creating account: user2
> Creating account: admin1
> Creating account: admin2
> Creating account: CROAK$
> Creating account: DEBBIE$
> [2003/07/17 19:41:14, 0] utils/net_rpc_samsync.c:fetch_group_mem_info(583)
>   Could not find global group 512
> [2003/07/17 19:41:14, 0] utils/net_rpc_samsync.c:fetch_group_mem_info(583)
>   Could not find global group 513
> [2003/07/17 19:41:14, 0] utils/net_rpc_samsync.c:fetch_group_mem_info(583)
>   Could not find global group 514
> Fetching BUILTIN database
> [2003/07/17 19:41:14, 0] rpc_client/cli_pipe.c:rpc_api_pipe_req(1026)
>   SCHANNEL ERROR: seq_num must be even in client (seq_num=3)
> SAM_DELTA_DOMAIN_INFO not handled
> Creating unix group: 'Account Operators'
> Creating unix group: 'Administrators'
> Creating unix group: 'Backup Operators'
> Creating unix group: 'Guests'
> Creating unix group: 'Print Operators'
> Creating unix group: 'Replicator'
> Creating unix group: 'Server Operators'
> Creating unix group: 'Users'
> 
> Nothing is put in LDAP, /etc/passwd., or /etc/group.  I was hoping my LDAP
> would be populated :-(.
> 
> (6) I noticed that pdbedit -Lv did put the sambaDomain entry into LDAP.
> This is the only change that occurred in LDAP.
> 
> (7) The migration instructions mention:
>    Before attempting to migrate user and group accounts it is STRONGLY
>    advised to create in Samba-3 the groups that are present on the MS
>   Windows NT4 domain AND to connect these to suitable Unix/Linux groups
> 
> How does one create/connect these Samba-3 groups that work when using samba
> with LDAP?
> 
> BTW I am using IBM's LDAP server 5.1 on Redhat 8
> 
> Thanks,
> Peter
> 
> 
>

More information about the samba mailing list