[Samba] User Data / Profiles / Permission / Mappings Loss from
Samba to Samba Migration
Fanying Jen
fanying at lillecorp.com
Tue Nov 18 00:05:46 GMT 2003
We checked the SID on both the old Samba and the new Samba (both of which
are version 2.2.8a) and they identical. We noticed that the SID for the
users no longer map properly and we had to put all of the users back in
manually. Once the users were in, the users were able to launch their
applications. The only difference between the two setup is the old Samba
uses LDAP authentication while the new Samba uses the /etc/samba/smbpasswd
file. Unix system accounts and information are identical on both systems.
It is that SID numbers of calculated differently on an LDAP back end and a
smbpasswd file back end?
On Mon, 17 Nov 2003, John H Terpstra wrote:
> On Mon, 17 Nov 2003, Fanying Jen wrote:
>
> > We have completed a migration from one Samba server to another Samba.
> > The versions and binaries are exactly the same. The only difference
> > between the two configs is that the original Samba server used LDAP for
> > authentication and the new Samba server uses the flat files for
> > authentication (smbpasswd file).
> >
> > Here is the problem: On a Windows 2000 file server, we have folder
> > shares. Users can log on via Samba, but permissions to the shared
> > folders are all screwed up. When I review the permissions in the
> > sharing tab on the 2000 server I noticed that none of the user names are
> > listed, just some sort of serial number (e.g. S-xxxx-xxxx-xxxx-xxxx).
>
> That number is the SID (security identifier your user has/had). Every
> domain / server has it's own SID. Did you updte the new server SID to that
> of the old one?
>
> On samba-2.2.x the tool to retrieve the domain SID is:
> smbpasswd -S 'Domain_Name'
>
> To write it on samba-2.2.x:
> smbpasswd -W S-1-5-...
>
> On samba-3.x to read the SID:
> net getlocalsid
>
> To write on samba-3.x:
> net setlocalsid S-1-5-....
>
> - John T.
>
More information about the samba
mailing list