[Samba] Migrating from Samba2.2.8a+LDAP+PDC to Samba3+ldapsam

Gémes Géza geza at kzsdabas.sulinet.hu
Wed Nov 5 19:52:44 GMT 2003 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Sebastián Abate írta:
| Hi, and thanks in advance for your support (sorry my english)
| Is there any documentation for migrating Samba 2.2 with LDAP and PDC
| suport to Samba3 with PDC and LDAPSAM?
| I try to explain the situation:
| Only one server running Mandrake 9.2 + Samba 2.2.8a with ldap support
| (from precompiled contrib); and I wish to migrate to Samba3+LDAPSAM. My
| real problem is that I must use ldap because I also use ldap for unix
| authentication (can that be done with tdbsam and pam?). I read the samba
| howto collection, but i dont find any help. The solution must preserve
| machines trust accounts and sids.
|
| Sebastián Abate
| Telcom Sistemas
| Tel. 4383-1937
| abates at telcomsistemas.com.ar
| www.telcomsistemas.com.ar
|
|
|
Hi I did something like this, Mandrake 9.1, the steps to the success where:
1. edit /etc/samba3/smb.conf to suit your old setup: Workgroup, Netbios
name, shares, ldap settings etc
2.  stop samba-2
3.  copy /etc/samba/secrets.tdb to /etc/samba3
4.  start samba-3
5.  run net3 getlocalsid, and save the result to a file
6.  stop samba-3
7.  remove /etc/samba3/secrets.tdb
8.  start samba-3
9.  run net3 setlocalsid previously saved SID
10. run smbpasswd3 -w password, just like you did with samba-2
You could say, that steps 6-10 are needless, maybe you are right, but I
felt more comfortable using a samba3 generated tdb file.
11. dump your ldap database to ldif format
12. run /usr/share/samba3/scripts/convertSambaAccount --input
your-old-ldif-file --output your-modified-ldif-file --sid
your-previously saved domain SID
13. comment out samba schema from /etc/openldap/slapd.conf, and include
the new samba3 schema
14. stop ldap
15. delete everything from /var/lib/ldap, making a backup would be advisable
16. start ldap
17. import your-modified-ldif-file to ldap
18. test test and test

Good Luck!

Geza Gemes
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQE/qVUM/PxuIn+i1pIRAnmJAJ41SWaab+ej1YW3+RCezOhNi3pcXwCgjMFE
kFFFYAdvhEuFF0/Y/dLM5EM=
=oP1T
-----END PGP SIGNATURE-----

More information about the samba mailing list