[Samba] Samba/LDAP/PDC Questions

Craig White craigwhite at azapple.com
Mon Jul 26 15:53:37 GMT 2004


oops - meant to send to list

On Mon, 2004-07-26 at 07:23, Paul Gienger wrote:
> I'm not at all experienced with the vampire command, but I believe it
is 
> supposed to bring passwords over.  Perhaps someone can interject here 
> who does know what they're talking about???
> 
> (note: bringing back on list from an accidental, i suspect, pm)
> 
----
my experience with vampire command is that it is tricky and needs to be
isolated so that your ldap isn't trashed.

Thus prior to running net rpc vampire etc. - you should slapcat your
ldap so you can trash the resulting ldap, slapadd the entries back in
and try again after fixing things that don't work.

Also, you need to REALLY follow the instructions to the TEE - no
shortcuts as any misconfiguration will cause it to fail. Join the domain
- set the localsid - set smb.conf to a BDC type configuration. These
steps are absolutely vital in addition to having ldap properly
configured in smbldap, smb.conf etc. The first few efforts will almost
always fail because of all of the necessary details.

But to affirm, yes, net rpc vampire process works, user accounts and
groups, machine accounts and passwords can all be migrated. After
vampire migration, elevate settings on samba so that the system becomes
PDC and start samba services and turn netlogon service on NT4 system
off.

Craig



More information about the samba mailing list