[Samba] migrate profile from an old server to a new one - SID and ntuser.dat problem

christoph empl m_itch_de at yahoo.de
Tue Dec 6 14:50:55 GMT 2005


thank you for your quick answer...

Sorry, i forgot to tell you that i replaced the sid of
the new server with the sid of the old server. 
But then i have the problem that the user sid (and
gid) are structured like this:
old-sid-from-the-new-server-uid and not
sid-from-the-old-server-uid (the head of the users sid
consists of the sid from the new server, the one that
i replaced with the sid of the old server). So the
Users don't have access rights to their profiles,
because they don't have their original sids.

thank you, Christoph


Your problem is that while having a new server, by
you have a new server SID. The problem is that you
want to
manage users who own SID from your 2.2 server. As we
imagine to lose all users profile, you have to set the
samba server SID on your 3.0 samba server.

This is a common migration problem.

What you must do is:

1) On Samba 2.2: pick your 2.2 server SID

smbpasswd -X {your_domain}
This will give you a string like this one:
SID for domain mydomain is:

2) On Samba 3.0: setting 3.0 SID with SID picked on
Save the current 3.0 SID for eventual recovery needs
net getlocalsied > file_to_save_3.0_SID

Set 2.2 SID on 3.0 PDC like this:
net setlocalsid

Restart samba and I think things should go better.



christoph empl wrote:
> Hi,
> i did the change according to your guideline, but id
> don't know how i can preserve the sids and gids of
> users. I am working with exact the same uids and
> as on the old server, i have changed the sid of the
> server (is it a problem the "net getlocalsid" shows
> another sid as "net getlocalsid domainname" ?), but
> the user sids differ from the user sids from the old
> server. Is it a solution to change all sids in each
> ntuser.dat to the new value? 
> Is it possible that the mistake is that i have to
> the new server a different hostname (routing and
> testing reason), or why isn't it enough to change
> sid with "net setlocalsid oldSID?
> thank you very much, Christoph
> On Wednesday 30 November 2005 09:49, christoph empl
> wrote:
>> Hi,
>> my problem is the following:
>> i am trying to replace an old SUSE 8.2, Samba 2.2
>> domain controller with a SUSE 9.3 system with samba
>> 3.0 as PDC.
>> Everything works fine, i can join the new domain, i
>> replaced the machine and domain sid from the new
>> server with the old ones.
> I hope you followed the guidance documented in
> 8 of my book "Samba-3 
> by Example, second edition". This book is available
> from Amazon.Com in 
> printed form, or if you want PDF you can obtain it
> from:
> http://www.samba.org/samba/docs/Samba3-ByExample.pdf
>> But how can  reuse the profiles from the old
>> at the new one?
>> If i make a simple remote copy, the settings of the
>> users are lost, i miss my german keyboard layout
>> so on.
> On the old machine:
> 	cd /var/lib/samba
> 	rsync -ave ssh profiles newmachine:/var/lib/samba
>> I think that this is a problem regarding the sids
>> the users. How can i find out the sids from the old
>> machine and how can i replace the new ones with the
>> old ones on the new server?
> You must preserve the uids and gids - see chapter 8
> referred to above.
>> I tried to do it with " pdbedit -u username -G
> oldSID"
>> (i retrieved the old SID from the logs, but i don't
>> know how to generally get it), but it obviously
> isn't
>> changed, because "pdbedit -Lv username" still shows
>> the old SID.
> - John T.
> _______________________________________________________

Gesendet von Yahoo! Mail - Jetzt mit 1GB Speicher kostenlos - Hier anmelden: http://mail.yahoo.de

More information about the samba mailing list