[Samba] Migrating from NT4 questions

Koenraad Lelong k.lelong at ace-electronics.be
Fri May 20 12:48:03 GMT 2005 

Hi,
I'm preparing to do a migration, but I'm having some doubts.
I installed 3.0.14a (from/for Suse) and I successfully joined the domain.
When I did a "net rpc vampire -S ..." there were some things that worry me :
...
Creating account: Administrator
[2005/05/17 12:35:31, 0] passdb/pdb_tdb.c:tdbsam_tdbopen(195)
   Unable to open/create TDB passwd
[2005/05/17 12:35:31, 0] passdb/pdb_tdb.c:tdbsam_getsampwrid(488)
   pdb_getsampwrid: Unable to open TDB rid database!
[2005/05/17 12:35:31, 0] utils/net_rpc_samsync.c:fetch_account_info(578)
   Could not find unix group 4294967295 for user Administrator (group 
SID=S-1-5-21-177555115-702490737-1861429907-513)
Creating account: Guest
[2005/05/17 12:35:31, 0] utils/net_rpc_samsync.c:fetch_account_info(578)
   Could not find unix group 4294967295 for user Guest (group 
SID=S-1-5-21-177555115-702490737-1861429907-514)
...
Creating account: ACE_SERVER_2$
[2005/05/17 12:35:31, 0] utils/net_rpc_samsync.c:fetch_account_info(578)
   Could not find unix group 4294967295 for user ACE_SERVER_2$ (group 
SID=S-1-5-21-177555115-702490737-1861429907-513)
...
I think the messages "Unable to open ..." are normal for a brand-new 
installation, but the "Could not find unix group 4294967295" is what 
worries me : that number is a representation of -1. Unix-group -1 does 
indeed not exist. Also all machine-ID's give the same error. All these 
errors concern SID -513, except for user Guest, there it's SID -514.
Is it normal to have unix-users for machines ($-suffix) ?
I do have a "smbusers"-file containing "root = Administrator".
net groupmap list gives a list of my groups, but several are linked to 
unix-group -1 (like Users, Print Operators, Power Users, etc).
pdbedit -L give all my users, plus machine-names. But Administrator has 
it's own linux-account. Then there is a user that has
user-number 4294967295 : "Koenraad:4294967295:Koenraad Lelong", that's 
me, my linux-user-name (koenraad) already existed.
smb.conf is enclosed.
Is there anything wrong with my procedure/setup ? Any pointers ?
TIA
-- 
Met vriendelijke groeten,
Koenraad Lelong
R&D Manager
ACE electronics n.v.



-------------- next part --------------
# Global parameters
[global]
 workgroup = ACE_DOMAIN
 netbios name = LACE2
 interfaces = eth0, lo
 bind interfaces only = Yes
 passdb backend = tdbsam
 pam password change = Yes
 passwd program = /usr/bin/passwd %u
 passwd chat = *New*Password* %n\n *Re-enter*new*password*%n\n *Password*changed*
 username map = /etc/samba/smbusers
 unix password sync = Yes
 log level = 1
 syslog = 0
 log file = /var/log/samba/%m
 max log size = 50
 smb ports = 139 445
 name resolve order = wins bcast hosts
 time server = Yes
 printcap name = CUPS
 show add printer wizard = No
 add user script = /usr/sbin/useradd -m '%u'
 delete user script = /usr/sbin/userdel -r '%u'
 add group script = /usr/sbin/groupadd '%g'
 delete group script = /usr/sbin/groupdel '%g'
 add user to group script = /usr/sbin/usermod -G '%g' '%u'
 add machine script = /usr/sbin/useradd -s /bin/false -d /tmp '%u'
 shutdown script = /var/lib/samba/scripts/shutdown.sh
 abort shutdown script = /sbin/shutdown -c
 logon script = scripts\logon.bat
 logon path = \\%L\profiles\%U
 logon drive = X:
 logon home = \\%L\%U
 domain logons = Yes
 domain master = No
# preferred master = Yes
 wins support = Yes
 utmp = Yes
 map acl inherit = Yes
 printing = cups
 veto files = /*.eml/*.nws/*.{*}/
 veto oplock files = /*.doc/*.xls/*.mdb/


[IPC$]
 path = /tmp
 hosts allow = 192.168.0.0/24, 127.0.0.1
 hosts deny = 0.0.0.0/0

[homes]
 comment = Home Directories
 valid users = %S
 read only = No
 browseable = No

[printers]
 comment = SMB Print Spool
 path = /var/spool/samba
 guest ok = Yes
 printable = Yes
 use client driver = Yes
 default devmode = Yes
 browseable = No

[netlogon]
 comment = Network Logon Service
 path = /var/lib/samba/netlogon
 guest ok = Yes
 locking = No

[profiles]
 comment = Profile Share
 path = /var/lib/samba/profiles
 read only = No
 profile acls = Yes
 
[test-share]
 comment = Test Share
 path = /net/samba
 read only = No

More information about the samba mailing list