AW: [Samba] Migration to Samba using external LDAP server (CLARIFICATION NEEDED)

Nathan Vidican nvidican at wmptl.com
Mon Oct 24 17:32:51 GMT 2005 

Pseudomizer wrote:
> Hello,
> 
> no one can help here? No hint how to do this? 
> 
> Please help. Thanks in advance.
> 
> Best regards,
> 
> Pseudomizer
> 
> -----Ursprüngliche Nachricht-----
> Von: samba-bounces+pseudomizer=lovetalks.de at lists.samba.org
> [mailto:samba-bounces+pseudomizer=lovetalks.de at lists.samba.org] Im Auftrag
> von Pseudomizer
> Gesendet: Freitag, 21. Oktober 2005 17:27
> An: samba at lists.samba.org
> Betreff: [Samba] Migration to Samba using external LDAP server
> Wichtigkeit: Hoch
> 
> Hello,
> 
>  
> 
> we are in the process of implementing a samba server running 3.0.14 and an
> external LDAP server running Microsoft ADAM. We have it also running with
> Open LDAP for UNIX under Redhat. It works fine for every user account that
> accesses the samba instance. The user mapping is done and all works fine.
> 
>  
> 
> Now we have the major problem of the migration and I would need some
> guidance here please.
> 
>  
> 
> The external LDAP server does the mapping from the UID/GID to the SID from
> MS every time a new user accesses the samba instance. But now we want to
> consolidate multiple servers (from the same domain) to this samba instance.
> We have about ~2.000 users in our domain and we can not let all of them
> contact the samba server to create a user mapping.
> 
>  
> 
> The current situation is that we have to copy about 1.2TB of data to this
> samba server maintaining the user permissions. We are used to tools like
> Robocopy or Xcopy to migrate data to windows servers but in this case we are
> not sure what will happen with the permissions of the files if we use such
> tools with our samba server. 
> 
>  
> 
> So my questions would be:
> 
>  
> 
> -          Are there any procedure/best practices how to migrate to samba
> using external LDAP server?
> 

MIGRATE TO samba, or FROM samba, TO or FROM what? You speak of using an 
'external ldap server' above, is your intent to move away from using ldap and do 
things just with samba tdb backend, or do you want to move away from using LDAP 
to map to Active Directory SID's and just use LDAP to store the account 
information in alltogther... OR are you simply talking about migrating data (the 
1.2TB you spoke of above) from one server to another - in which case, ya might 
look into rsync.

Either way, a little clearification could go a long way, and a clearer question 
always leads to a more concise answer.

> -          How can we create the appropriate mapping on the external LDAP
> server to maintain the permissions?
> 
>  

NO idea, whatsoever, as to what you are asking here, see answer above; mapping 
for what; file permission, user data, and what exactly is meant by 'external 
ldap server', is it not on your network? Or by 'external', do you simply mean 
it's not part of the samba package, or that it's actually running on a different 
machine alltogether?


> 
> Any help would be appreciated and please do not reply with emails like
> "don't use samba, use NetApp" what happened in the past. We are not
> interested in any other expensive NAS solution.
> 
>  

This kinda makes me think you're using the Samba server as a back-end to store 
the files for a Windows server; why else others would have reccomended netapp is 
beyond me? Are you using samba to service the end users, or samba to service as 
a SAN-store of sorts to other windows servers in-turn servicing the end users? 
Too many questions and not enough details provided by you make it hard for 
anyone to help.

> 
> Thanks in advance.
> 
>  
> 
> Best regards,
> 
>  
> 
> Pseudomizer
> 
>  
> 

My suggestion; re-post with:

  A) First, what exactly are you trying to accomplish; what are your long term 
goals?

  B) Secondly, tell us how you're doing it now, and what specifically you don't 
like or what doesn't work (well).

  C) Lastly, explain what you want us (the mailing list) to send back to you; 
what do you want us to explain or help with, or do, changes with samba/etc...


Your question asking is good, but your method of asking provides us with just 
enough information to shake our heads and ask 'why, what-the, huh? ' ... take 
the time and clarify a little bit as to what you're looking for and perhaps 
you'll recieve better replies.


-- 
Nathan Vidican
nvidican at wmptl.com
Windsor Match Plate & Tool Ltd.
http://www.wmptl.com/

More information about the samba mailing list