[Samba] migrate profile from an old server to a new one - SID and
ntuser.dat problem
christoph empl
m_itch_de at yahoo.de
Tue Dec 6 14:50:55 GMT 2005
Hi,
thank you for your quick answer...
Sorry, i forgot to tell you that i replaced the sid of
the new server with the sid of the old server.
But then i have the problem that the user sid (and
gid) are structured like this:
old-sid-from-the-new-server-uid and not
sid-from-the-old-server-uid (the head of the users sid
consists of the sid from the new server, the one that
i replaced with the sid of the old server). So the
Users don't have access rights to their profiles,
because they don't have their original sids.
thank you, Christoph
Chritoph,
Your problem is that while having a new server, by
default
you have a new server SID. The problem is that you
want to
manage users who own SID from your 2.2 server. As we
can't
imagine to lose all users profile, you have to set the
2.2
samba server SID on your 3.0 samba server.
This is a common migration problem.
What you must do is:
1) On Samba 2.2: pick your 2.2 server SID
smbpasswd -X {your_domain}
This will give you a string like this one:
SID for domain mydomain is:
S-1-5-21-1547254743-587533270-2928086249
2) On Samba 3.0: setting 3.0 SID with SID picked on
2.2
Save the current 3.0 SID for eventual recovery needs
net getlocalsied > file_to_save_3.0_SID
Set 2.2 SID on 3.0 PDC like this:
net setlocalsid
S-1-5-21-1547254743-587533270-2928086249
Restart samba and I think things should go better.
Regards,
Pierre
christoph empl wrote:
> Hi,
>
> i did the change according to your guideline, but id
> don't know how i can preserve the sids and gids of
the
> users. I am working with exact the same uids and
gids
> as on the old server, i have changed the sid of the
> server (is it a problem the "net getlocalsid" shows
> another sid as "net getlocalsid domainname" ?), but
> the user sids differ from the user sids from the old
> server. Is it a solution to change all sids in each
> ntuser.dat to the new value?
> Is it possible that the mistake is that i have to
give
> the new server a different hostname (routing and
> testing reason), or why isn't it enough to change
its
> sid with "net setlocalsid oldSID?
>
> thank you very much, Christoph
>
>
> On Wednesday 30 November 2005 09:49, christoph empl
> wrote:
>> Hi,
>>
>> my problem is the following:
>> i am trying to replace an old SUSE 8.2, Samba 2.2
>> domain controller with a SUSE 9.3 system with samba
>> 3.0 as PDC.
>> Everything works fine, i can join the new domain, i
>> replaced the machine and domain sid from the new
>> server with the old ones.
>
> I hope you followed the guidance documented in
chapter
> 8 of my book "Samba-3
> by Example, second edition". This book is available
> from Amazon.Com in
> printed form, or if you want PDF you can obtain it
> from:
>
> http://www.samba.org/samba/docs/Samba3-ByExample.pdf
>
>> But how can reuse the profiles from the old
machine
>> at the new one?
>> If i make a simple remote copy, the settings of the
>> users are lost, i miss my german keyboard layout
and
>> so on.
>
> On the old machine:
>
> cd /var/lib/samba
> rsync -ave ssh profiles newmachine:/var/lib/samba
>
>> I think that this is a problem regarding the sids
of
>> the users. How can i find out the sids from the old
>> machine and how can i replace the new ones with the
>> old ones on the new server?
>
> You must preserve the uids and gids - see chapter 8
> referred to above.
>
>> I tried to do it with " pdbedit -u username -G
> oldSID"
>> (i retrieved the old SID from the logs, but i don't
>> know how to generally get it), but it obviously
> isn't
>> changed, because "pdbedit -Lv username" still shows
>> the old SID.
>
> - John T.
>
>
>
>
>
>
> _______________________________________________________
___________________________________________________________
Gesendet von Yahoo! Mail - Jetzt mit 1GB Speicher kostenlos - Hier anmelden: http://mail.yahoo.de
More information about the samba
mailing list