[Samba] Smbldap tools blocks when using net rpc vampire to migrate accounts from the NT4 PDC to the SambaLdap BDC

Ioan Caltun Ioan.Caltun at aptoa.fr
Tue Aug 10 12:04:51 GMT 2004 

Hello,

I am trying to migrate a NT4 PDC server to a linux PDC Samba3.0+openLDAP backend

 

I have followed all the instructions in the Samba manual "The Linux Samba-openLDAP How to V.1.6.

However my efforts are in vain when I have to use net rpc. It hangs up and I' m trying to find out why...

So.. Here is what I did: 

 

 

[root at SERVRHAS smbldap-tools]# net rpc vampire -l -d 4 -S servpdc -U Administrateur%------

[2004/08/06 17:17:05, 3] param/loadparm.c:lp_load(3926)

  lp_load: refreshing parameters

[2004/08/06 17:17:05, 3] param/loadparm.c:init_globals(1303)

  Initialising global parameters

[2004/08/06 17:17:05, 3] param/params.c:pm_process(566)

  params.c:pm_process() - Processing configuration file "/etc/samba/smb.conf"

[2004/08/06 17:17:05, 3] param/loadparm.c:do_section(3429)

  Processing section "[global]"

  doing parameter name resolve order = wins lmhosts bcast

  doing parameter delete user from group script = /usr/local/sbin/smbldap-groupmod -x "%u" "%g"

  doing parameter hosts allow = 127. 172.

  doing parameter netbios name = srvrhas

[2004/08/06 17:17:05, 4] param/loadparm.c:handle_netbios_name(2721)

  handle_netbios_name: set global_myname to: SRVRHAS

  doing parameter ldap passwd sync = Yes

  doing parameter printing = bsd

  doing parameter dos charset = ISO8859-1

  doing parameter display charset = ISO8859-1

  doing parameter remote announce = 192.168.1.255 192.168.2.44 172.2.0.2

  doing parameter local master = no

  doing parameter workgroup = domaine

  doing parameter os level = 40

  doing parameter ldap admin dn = cn=manager,dc=mediteranee,dc=com

  doing parameter printcap name = /etc/printcap

  doing parameter add machine script = /usr/local/sbin/smbldap-useradd -w "%u"

  doing parameter max log size = 500

  doing parameter log file = /var/log/samba/%m.log

  doing parameter load printers = yes

  doing parameter guest account = pcguest

  doing parameter ldap user suffix = ou=Users

  doing parameter add group script = /usr/local/sbin/smbldap-groupadd -p "%g"

  doing parameter socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192

  doing parameter add user to group script = /usr/local/sbin/smbldap-groupmod -m "%u" "%g"

  doing parameter domain master = no

  doing parameter passdb backend = ldapsam:ldap://127.0.0.1

  doing parameter wins support = true

  doing parameter ldap delete dn = Yes

  doing parameter server string = Red Hat AS Server Samba-Ldap Server

  doing parameter ldap group suffix = ou=Groups

  doing parameter ldap machine suffix = ou=Computers

  doing parameter ldap suffix = dc=mediteranee,dc=com

  doing parameter logon path = \\%L\Profiles\%U

  doing parameter add user script = /usr/local/sbin/smbldap-useradd -m "%u"

  doing parameter set primary group script = /usr/local/sbin/smbldap-usermod -g "%g" "%u"

  doing parameter unix charset = ISO8859-1

  doing parameter preferred master = no

[2004/08/06 17:17:05, 4] param/loadparm.c:lp_load(3958)

  pm_process() returned Yes

[2004/08/06 17:17:05, 2] lib/interface.c:add_interface(79)

  added interface ip=172.2.0.5 bcast=172.2.255.255 nmask=255.255.0.0

[2004/08/06 17:17:05, 3] libsmb/cliconnect.c:cli_start_connection(1290)

  Connecting to host=servpdc

[2004/08/06 17:17:05, 3] lib/util_sock.c:open_socket_out(690)

  Connecting to 172.2.0.2 at port 445

[2004/08/06 17:17:05, 2] lib/util_sock.c:open_socket_out(726)

  error connecting to 172.2.0.2:445 (Connexion refusée)

[2004/08/06 17:17:05, 3] lib/util_sock.c:open_socket_out(690)

  Connecting to 172.2.0.2 at port 139                            

[2004/08/06 17:17:05, 4] lib/time.c:get_serverzone(122)

  Serverzone is -7200

[2004/08/06 17:17:05, 4] passdb/secrets.c:secrets_fetch_trust_account_password(255)

  Using cleartext machine password

[2004/08/06 17:17:05, 4] rpc_client/cli_netlogon.c:cli_net_req_chal(45)

  cli_net_req_chal: LSA Request Challenge from SRVRHAS to servpdc: F8F60FC15E8B943C

[2004/08/06 17:17:05, 4] libsmb/credentials.c:cred_session_key(59)

  cred_session_key

[2004/08/06 17:17:05, 4] libsmb/credentials.c:cred_create(90)

  cred_create

[2004/08/06 17:17:05, 4] rpc_client/cli_netlogon.c:cli_net_auth2(102)

  cli_net_auth2: srv:\\SERVPDC acct:SRVRHAS$ sc:6 mc: SRVRHAS chal F944E654EF209FCA neg: 400701ff

[2004/08/06 17:17:05, 4] libsmb/credentials.c:cred_create(90)

  cred_create

[2004/08/06 17:17:05, 4] libsmb/credentials.c:cred_assert(121)

  cred_assert

Fetching DOMAIN database

[2004/08/06 17:17:05, 4] libsmb/credentials.c:cred_create(90)

  cred_create

[2004/08/06 17:17:06, 4] libsmb/credentials.c:cred_create(90)

  cred_create

[2004/08/06 17:17:06, 4] libsmb/credentials.c:cred_assert(121)

  cred_assert

SAM_DELTA_DOMAIN_INFO not handled

[2004/08/06 17:17:06, 2] lib/smbldap.c:smbldap_search_domain_info(1295)

  Searching for:[(&(objectClass=sambaDomain)(sambaDomainName=SRVRHAS))]

[2004/08/06 17:17:06, 2] lib/smbldap.c:smbldap_search_suffix(1066)

  smbldap_search_suffix: searching for:[(&(objectClass=sambaDomain)(sambaDomainName=SRVRHAS))]

[2004/08/06 17:17:06, 2] lib/smbldap.c:smbldap_open_connection(623)

  smbldap_open_connection: connection opened

[2004/08/06 17:17:06, 3] lib/smbldap.c:smbldap_connect_system(785)

  ldap_connect_system: succesful connection to the LDAP server

[2004/08/06 17:17:06, 4] lib/smbldap.c:smbldap_open(836)

  The LDAP server is succesful connected

[2004/08/06 17:17:06, 2] passdb/pdb_ldap.c:ldapsam_search_one_group(1597)

  ldapsam_search_one_group: searching for:[(&(objectClass=sambaGroupMapping)(sambaSID=S-1-5-21-375199814-1253531362-1423778804-512))]

[2004/08/06 17:17:06, 0] passdb/pdb_ldap.c:ldapsam_search_one_group(1612)

  ldapsam_search_one_group: Problem during the LDAP search: LDAP error:  (No such object)ldapsam_search_one_group: Query was: ou=Groups, (&(objectClass=sambaGroupMapping)(sambaSID=S-1-5-21-375199814-1253531362-1423778804-512))

Creating unix group: 'Admins du domaine'

 

 

Here is a question... here,in the research he usees SID sambaSID=S-1-5-21-375199814-1253531362-1423778804-512

However, in smbldap.cong, the SID I obtained after 

net rpc getlocalsid -S servpdc 

 

is

SID="S-1-5-21-375199814-1253531362-1423778804"

 

 

I also have a feeling that smbldap-useradd or groupadd do not support spaces in the Group name or accents...

Did  anyone encounter these problems.

Thank you in advance for your help

Best Regards

 

Ioan Caltun

More information about the samba mailing list