[Samba] Migrate NT4 Dom -> Samba 3.0.2a
Michael Kuznik
kuznik at montanhydraulik.com
Tue Feb 24 15:07:23 GMT 2004
John H Terpstra schrieb:
> On Mon, 23 Feb 2004, Michael Kuznik wrote:
>
>
>>Andrew Bartlett schrieb:
>>
>>>On Thu, 2004-02-19 at 21:40, Michael Kuznik wrote:
>>>
>>>
>>>>Hi,
>>>>
>>>>I'm testing the migration of an NT4 Domain onto a Samba-Server.
>>>>
>>>>Now I'm at the point to migrate users and maschine accounts.
>>>>It works fine for some users but not for all!
>>>>This is the output:
>>>><-
>>>># net rpc vampire -w samba
>>>>Fetching DOMAIN database
>>>>SAM_DELTA_DOMAIN_INFO not handled
>>>>Creating account: Administrator
>>>>Creating account: Gast
>>>>[2004/02/19 12:40:28, 0] passdb/pdb_smbpasswd.c:add_smbfilepwd_entry(595)
>>>> add_smbfilepwd_entry: entry with name Gast already exists
>>>>Creating account: TEST-PDC$
>>>>Creating account: akira
>>>>[2004/02/19 12:40:28, 0] passdb/pdb_smbpasswd.c:build_smb_pass(1150)
>>>> build_sam_pass: Failing attempt to store user with non-uid based user
>>>>RID.
>>>
>>>
>>>Vampire is incompatible with smbpasswd - you *must* use tdbsam, or
>>>ldapsam.
>>>
>>>The smbpasswd file is just too simple to deal with the information NT
>>>provides us (RID in particular).
>>>
>>>Andrew Bartlett
>>>
>>
>>Ok, now I have set up an openLDAP Server. It works for logons via ssh
>>login and so on. But when I try to import Windows Users with :
>>
>>net rpc vampire -S test-pdc -U Administrator
>>
>>this is the output:
>>
>><--snip--
>>Fetching DOMAIN database
>>SAM_DELTA_DOMAIN_INFO not handled
>>Creating account: Administrator
>>Could not create posix account info for 'Administrator'
>>Creating account: Gast
>>Could not create posix account info for 'Gast'
>>Creating account: TEST-PDC$
>>Could not create posix account info for 'TEST-PDC$'
>>Creating account: akira
>>Could not create posix account info for 'akira'
>>Creating account: lgm
>>Could not create posix account info for 'lgm'
>>--snap-->
>>
>>
>>What is wrong?
>
>
> What entries do you have in your smb.conf file for the "add user script",
> "add machine script", "add group script", etc.?
>
> - John T.
Yes, that's my failure I didn't add entries at that point, first I had
but now not!
Now I'm using the smbldap-tool(0.8.4).
The net rpc vampire now puts out:
<--snip--
Creating account: akira
[2004/02/24 15:47:06, 0] utils/net_rpc_samsync.c:fetch_account_info(492)
Primary group of akira has no mapping!
Creating account: lgm
[2004/02/24 15:47:07, 0] utils/net_rpc_samsync.c:fetch_account_info(492)
Primary group of lgm has no mapping!
Creating account: normal
[2004/02/24 15:47:08, 0] utils/net_rpc_samsync.c:fetch_account_info(492)
Primary group of normal has no mapping!
Creating account: TEST-CLIENT$
Could not create posix account info for 'TEST-CLIENT$'
Creating account: grrr
[2004/02/24 15:47:09, 0] utils/net_rpc_samsync.c:fetch_account_info(492)
Primary group of grrr has no mapping!
[2004/02/24 16:01:09, 0] utils/net_rpc_samsync.c:fetch_group_mem_info(594)
Could not find global group 512
[2004/02/24 16:01:09, 0] utils/net_rpc_samsync.c:fetch_group_mem_info(594)
Could not find global group 513
[2004/02/24 16:01:09, 0] utils/net_rpc_samsync.c:fetch_group_mem_info(594)
Could not find global group 514
--snap-->
and pdbedit -L says:
# pdbedit -L
Administrator:0:Administrator
nobody:65534:nobody
Gast:1000:nobody
akira:1001:akira
lgm:1002:lgm
normal:1003:normal
grrr:1004:grrr
lol:1005:lol
That seems to be good, but not for the Machine Accounts!
When I now start samba, turn off the NT4-PDC, and want to sign on to a
Windows Machine it said the password fails or the account of this
machine isn't in the domain!
--
Michael
More information about the samba
mailing list