[Samba] Transfer winbind idmap to LDAP
Paul Coray
paul.coray at unibas.ch
Sat Nov 13 11:36:28 GMT 2004
Marcel de Riedmatten wrote:
> Le mer 10/11/2004 à 11:21, Paul Coray a écrit :
>
>>Hi all
>>
>>This seems simple, but I can't figure how tho acheive it.
>>
>>I have:
>>
>>- NT4-PDC
>>- Fileserver (Solaris 9), Samba 3.0.2 member server with winbind
>>
>>I want to migrate my NT4-PDC to Samba PDC with ldapsam. How can I make
>>sure that after vamprie my old PDC to Samba-PDC, the user and group ids
>>will be the same as in the winbind-idmap of my Samba member server?
>>
>
>
> Hi Paul
>
> this is my suggestion:
>
> 1) get the winbind-idmap in text form with a getent passwd for example
I did that with # net idmap dump winbindd_idmap.tdb >
/tmp/winbindd_idmap.dump on the member server. the resulting file looks
like:
...
UID 10013 S-1-5-21-98201057-1281969052-1085559986-1608
UID 10202 S-1-5-21-98201057-1281969052-1085559986-1436
UID 10138 S-1-5-21-98201057-1281969052-1085559986-1011
UID 10105 S-1-5-21-98201057-1281969052-1085559986-1418
UID 10067 S-1-5-21-98201057-1281969052-1085559986-1137
...
>
> 2) remove the nss_winbind from the nssswitch.conf or what it is on
> solaris; this is because the vampire will look in the unix database to
> see if the account exist and if the account already exist it w'ont be
> added.
No need for that, as on my new PDC-LDAP system no winbind nss is
configured in the first place.
>
> 3) hack the script defined under "user add script" who will be adding
> the users to use the information of 1). With the ldap backend this is
> usually smbldap-useradd .
Well, I'd like to, but my knowledge of Perl is still too limited :-( So
if any body can help, I think I'm not the only one who would appreciate
highly! Another way would be to modify the IDs of each user and Group in
LDAP after the vampire process.
>
> 4) do the usual procedure
>
>
> Anyone has a better idea !
>
> Cheers
>
More information about the samba
mailing list