[Samba] Migrating a samba PDC to a new one

Paul Furness paul.furness at vil.ite.mee.com
Fri Sep 2 12:57:03 GMT 2005


Can anyone give me some help on migrating my Samba PDC from old hardware 
to a new box?

Old hardware is running RedHat 9, with Samba 3.0.2a-1. New hardware is 
running Fedora Core 4 with Samba 3.0.14a-2. Old (fully working) PDC is 
using tdbsam backend for passwords. For simplicity, I'd like to do the 
same on the new one, although I could also move to LDAP it that's what's 
needed, though I only have about 50 users.

Incidentally, the unix logins are looked after using NIS, and both 
servers are bound to the same NIS master, and it's working just fine.

I'm having trouble finding a nice, clear set of instructions as to how 
to migrate samba tdbsam to LDAP, or tdbsam from one server to another.

I tried setting up the new machine as a BDC (planning to promote it 
later), but it's not allowing any windows box to connect as anyone 
except root - just asks for username and password repeatedly. I did this 
from scratch by setting up the smb.conf file to say (with a few added 
netbios name = charlotte
workgroup = MY_DOMAIN_NAME
server string = My New BDC (charlotte)
passdb backend = tdbsam
security = user
#   password server = antonia  # This is the old PDC. Commented out 
right now.
encrypt passwords = yes
smb passwd file = /etc/samba/smbpasswd # Not used?
local master = yes
os level = 40 # OS Level is set to 60 on old PDC
domain master = no  # Want to make this a BDC first
preferred master = yes
domain logons = yes
wins support = no #  Tried this both as yes and no, no different.
dns proxy = yes

I then ran:

net rpc getsid
net rpc join -S antonia -w MU_DOMAIN_NAME -Uroot%MY_PASSWORD

Both of these commands ran fine, giving the right answers.
I then copied (using rsync) /etc/samba/passdb.tdb from the old PDC to 
the new box in the same place.

Finally, (having checked with testparm) I started the smb service. It's 
fine, except that I'm unable to actually connect to the server from a 
windows workstation; it won't accept any username and password other 
than root, even although everything is in the same domain.

Can somebody give me some pointers here?



More information about the samba mailing list