[Samba] NT4 PDC Account transfer
Craig White
craigwhite at azapple.com
Thu Jan 22 06:04:34 GMT 2004
On Wed, 2004-01-21 at 22:31, Sohail Hasan wrote:
> Beast wrote:
>
> >* Sohail Hasan <samba at etilizepak.com> nulis:
> >
> >
> >
> >>Hi All,
> >>
> >>I am following the procedure given in Samba-HOWTO for the migration to
> >>samba from NT4 PDC, however in the account transfer from the PDC step I
> >>am getting the following failure when running the command:
> >>
> >>net rpc vampire -S server -U administrator%passwd
> >>
> >>Could not retrieve domain trust secret
> >>
> >>Has anybody got any idea of what else is needed here.
> >>
> >>
> >
> >Did you join this samba (as bdc) before running rpc vampire?
> >Did you set samba to have same SID as NT domain?
> >
> >net rpc getsid -S "NTname" -Uadministrator%passwd
> >
> >
> >--beast
> >
>
> Now when I run rpc vampire I get this:
>
> Fetching DOMAIN database
> SAM_DELTA_DOMAIN_INFO not handled
> Creating unix group: 'Domain Admins'
> Creating unix group: 'Domain Users'
> Creating unix group: 'Domain Guests'
> Creating unix group: 'PROGRAMMER'
> Creating unix group: 'Mohicans'
> Creating unix group: 'NDA'
> Creating account: Administrator
> Could not create posix account info for 'Administrator'
> Creating account: Guest
> Could not create posix account info for 'Guest'
> Creating account: testuser
> Could not create posix account info for 'testuser'
> [2004/01/22 10:08:04, 0] passdb/pdb_smbpasswd.c:build_smb_pass(1146)
> build_sam_pass: Failing attempt to store user with non-uid based user RID.
> .
> .
> .
> Could not create posix account info for 'lab1$'
> Creating account: SABBASI$
> Could not create posix account info for 'lab2$'
> Creating account: SIDDIQUI$
> Could not create posix account info for 'john$'
> Creating account: MAMAN$
> Could not create posix account info for 'peter$'
> [2004/01/22 10:08:06, 0] utils/net_rpc_samsync.c:fetch_group_mem_info(591)
> Could not find global group 512
> [2004/01/22 10:08:06, 0] utils/net_rpc_samsync.c:fetch_group_mem_info(591)
> Could not find global group 513
> [2004/01/22 10:08:06, 0] utils/net_rpc_samsync.c:fetch_group_mem_info(591)
> Could not find global group 514
> .
> .
> .
> Creating unix group: 'Debugger Users'
> Fetching BUILTIN database
> SAM_DELTA_DOMAIN_INFO not handled
> Creating unix group: 'Account Operators'
> Creating unix group: 'Administrators'
> Creating unix group: 'Backup Operators'
> Creating unix group: 'Guests'
> Creating unix group: 'Print Operators'
> Creating unix group: 'Replicator'
> Creating unix group: 'Server Operators'
> Creating unix group: 'Users'
>
> The question is that where has it created the users and groups because
> there are no new entries in /etc/passwd and /etc/group files. Do I need
> to run mapping between NT groups and UNIX before running "vampire" command.
---
where is a very good question since you give us absolutely no clues as
to the type of backend passdb you are using.
Clearly, it's not properly set up to create users - if LDAP, you need to
make that work first, get the SID, set it, put it into the
smbldap_conf.pm file and fix that file to retain your users properly
(also - you will need to check your nsswitch.conf and ldap.conf) and set
your binddn password with the command smbpasswd -w BINDDN_PASSWORD
If you are using some other backend passdb, you will need to follow
those directions.
Craig
More information about the samba
mailing list