[Samba] account migartion from NIS and Smbpasswd to LDAP

John H Terpstra jht at samba.org
Mon Mar 14 19:33:47 GMT 2005

On Monday 14 March 2005 12:22, Paul Gienger wrote:
> > There are both machine accounts and user accounts in the "smbpasswd"
> > file. 

If you do not specify a "passdb backend" the default is to use an smbpasswd 
backend and it will contain both user and machine accounts.

If the "passdb backend" specifies LDAP Samba will place user and machine 
accounts into the locations specified by:

ldap machine suffix =
ldap user suffix =

> > So pdbedit will automatically put machine accounts into 
> > ou=Computers and user accounts into ou=users, am I right?

pdbedit will do as instructed in smb.conf via the above.

> That I couldn't tell you honestly.  It stands to reason that the command
> could figure out which is which, but I have no empirical data to back
> that up.
> >>> I've tried "smbldap-migrate-unix-accounts" to migrate NIS account
> >>> into LDAP. It is a great tool. There is no problem if he/she
> >>> authenticate from Linux machine with his old NIS account. But I
> >>> found that I need to run smbldap-passwd to give a new passwd so that
> >>> he/she can authenticate from windows machine. Does anyone has a
> >>> better solution about it?

There is no better solution because the passwords that are stored in NIS can 
not be decrypted and then recrypted into the format needed by Windows.

On the other hand, if you already have an smbpasswd file that was previously 
used with NIS, then you can migrate just the NIS copmonent into the LDAP 
backend and then use:

	pdbedit -i smbpasswd -e ldapsam

to migrate the existing Windows passwords.

> >>
> >> So by your subject line it appears that you have a smbpasswd file
> >> someplace.  You can use the pdbedit command with import and export
> >> flags to move the relevant fields over to ldap.

- John T.
John H Terpstra
Samba-Team Member
Phone: +1 (650) 580-8668

The Official Samba-3 HOWTO & Reference Guide, ISBN: 0131453556
Samba-3 by Example, ISBN: 0131472216
Hardening Linux, ISBN: 0072254971
Other books in production.

More information about the samba mailing list