[Samba] Upgrading Samba

Daulton Theodore daulton at library.carleton.ca
Thu Jan 26 20:38:21 GMT 2006


I am in the process of planning for a samba upgrade. The current version
of Samba (2.2.8a) runs on a Sunfire 280R with Solaris 8. The intended
new platform is a sunfire V240 with Solaris 9 as the OS. The new version of 
Samba will be Samba-3.0.10. Please note that the Samba server will be a 
member of a domain.

I've read Samba-3 by Example, Chapter 8 which describes to the process of
updating from Samba 1.x and 2.x (without LDAP). It all seems very straight 
forward but refers to doing the upgrade on the same box. In my case I will
will be doing a migration to a new box and an upgrade at the same time. 

My plan is to prepare the V240 by installing samba3, and create the users.
I will then stop the samba2x, move the smbpasswd, smb.conf and tdb files 
(including secrets), and move the data files over from the old server. I 
will then shutdown old 280R and restart the new V240 with the ip address of
the the old server. I will then restart the samba daemon on the new server.

I am hoping that with the old server already a member of the domain and the
fact that I will be using the same ip address it will not be necessary to 
rejoin the domain. I am hoping this will work because I have had no luck in my
attempts to setup Samba3 as a test server (different ip address and netbios
name) and have it join the domain. The test machine account has been created
and recreated a number of times but I keep getting challenged for 
a password and end up with 'unable to join the domain' (Frustrating).

Any comments/suggestions on the above plan will be much appreciated. This
has been a work in progress for sometime now and I would really like to
move along.

One more question: If my attempt with Samba3 fails would there be any 
problems restarting the old 2.x server?

My conf file follows.

Thanks much in advance for all comments/suggestions.

======
# Global parameters
[globals]
   netbios name  = horntail
   server string = Library's %L %v
   workgroup     = domain_name
   local master  = no

   allow hosts   = 111.222.10. 111.222.200. 111.222.97. 111.222.98.128/255.255.255.192 111.222.98.64/255.255.255.224

   security      = domain
   browsable     = yes

   password server = server1 server2 server3 server4
   machine password timeout = 314496000
   remote announce = 111.222.135.95
   wins server = blackbird.nt.domain

#  force Samba to bind only to hme0
   interfaces    = 111.222.10.213/255.255.255.0
   bind interfaces only = yes
   socket options = SO_KEEPALIVE TCP_NODELAY
   deadtime     = 0

#  Encrypt all passwords stored in /usr/local/samba.private/smbpasswd
   encrypt passwords = yes
   username map = /usr/local/samba/lib/nt-names
   smb passwd file   = /usr/local/samba/private/smbpasswd

#  not allowed to log in
   invalid users = root daemon bin sys adm lp listen sshd\
                   erl webspirs samba rob jan daulton 

   writeable     = yes

#  Debug Logging information
#  lowered from 3 20050302 - dt
   log level = 2
   log file = /usr/local/samba/var/log.%m
   max log size = 2000
   debug timestamp = yes


#  printing stuff
   printing      = SYSV
   load printers = yes
   use client driver = yes
   printer admin = dtheodor


# ---------------------------------------
# Home Directory
# ---------------------------------------
[homedir]
   comment = %u
   path = /files1/user/%g/%u
   browseable = yes
   writeable = yes
   create mode = 0700

# ---------------------------------------
# Departments
# ---------------------------------------
[dept]
   comment = %g
   path = /files1/user/%g
   browseable = yes
   writeable = yes
   read only = no
   create mode = 0770


# --------------------------------------
# All department shares
# --------------------------------------
[alldepts]
   comment     = All Departments
   path        = /files1/user
   browseable  = no
   writeable   = yes
   hide files = /lost+found/

# --------------------------------------
# GIS on Array2
# --------------------------------------
[allgis]
   comment     = All GIS 
   path        = /files2/gis1
   browseable  = yes
   writeable   = yes
   hide files = /lost+found/

# ------------------------------------
# Shared directory for each department
# ------------------------------------
[deptshr]
   comment = %g Shared Directory
   path = /files1/user/%g/common
   read only    = no
   create mask = 0770
   force create mode = 0770
   directory mask = 0770
   writable     = yes
   browseable   = yes
   invalid users = +circdesk
   
# --------------------------------------
# shared directory for ALL staff
# --------------------------------------
[libshare]
   comment     = Library staff shared directory
   path        = /files1/user/common
   browseable  = yes
   writeable   = yes
   create mask = 0777
   force create mode = 0777
   directory mask = 0777
   valid users = +libsys +libmgmt +libacq +libarc +libcat +libcirc +librs +libmdgc +libgift +libcoll +libtrain +libill +libcof +libgis
   invalid users = +circdesk train1 train2 train3 train4 train5 train6 train7 train8 train8 train10 train11 train12 train13 train14 train15 train16 train17 train18
   

# ------------------------------------
# Circulation Shared directory  - 20051123 for dgavin
# ------------------------------------
[circshr]
   comment = Circ Shared Directory
   path = /files1/user/libcirc/common
   read only    = no
   create mask = 0770
   force create mode = 0770
   directory mask = 0770
   writable     = yes
   browseable   = yes
   valid users = +libsys
   invalid users = +circdesk smbadmin
   
# ---------------------------------------
# Training Room
# ---------------------------------------
[training]
   comment     = Training Shared Directory
   path        = /files1/user/libtrain/common
   browseable  = yes
   writeable   = yes
   create mask = 0777
   force create mode = 0777
   directory mask = 0777
   valid users = +libsys +libmgmt +libacq +libcat +libcirc +librs +libmdgc +libgift +libcoll +libtrain +libill +libcof
   invalid users = circdsk1

# ---------------------------------------
# Applications folder
# ---------------------------------------
[apps]
   comment = applications folder
   path = /files1/apps
   browseable = yes
   writeable = yes
   create mask = 0775    
   directory mask = 0775    
   hide files = /lost+found/
   valid users = +libsys +libmgmt +libacq +libarc +libcat +libcirc +librs +libmdgc +libgift +libcoll +libtrain
   invalid users = +circdesk

# -------------------------------------
# Cataloguer's Desktop
# -------------------------------------
[catdesk]
   comment = Cataloguer's Desktop
   path = /files1/apps/catdesk
   writeable = yes
   create mask = 0775
   directory mask = 0775
   hide files = /lost+found/
   valid users = +libsys +libmgmt +libacq +libarc +libcat +libcirc +librs +libmdgc +libgift +libcoll 
   invalid users = circdsk1 +libtrain
#
#  dt 20050131
#   valid users = +libsys +libmgmt +libacq +libarc +libcat +libcirc +librs +libmdgc +libgift +libcoll +libtrain
#   invalid users = circdsk1 
#
# -------------------------------------
# GIS DATA 
# -------------------------------------
[gis]
   comment = GIS Data
   path = /files2/gis1
   browseable = yes
   writeable = yes
   create mask = 0754
   force create mode = 0754
   directory mask = 0754
   force directory mode = 0754
   hide files = /lost+found/
   valid users = gisadmin +libgis +libtrain

#
# -------------------------------------
# STUDENT GIS DATA 
# -------------------------------------
[studentgis]
   comment = GIS Data
   path = /files2/gis2/student
   browseable = yes
   writeable = yes
   create mask = 0774
   force create mode = 0774
   directory mask = 0774
   force directory mode = 0774
   hide files = /lost+found/
   valid users = gisadmin +libgis +libtrain
   write list = gisadmin +libgis +libtrain

#
# -------------------------------------
# Circle of friends
# -------------------------------------
[cof]
   comment = Circle of Friends
   path = /files1/user/cof
   browseable = yes
   writeable = yes
   create mask = 0770
   force create mode = 0770
   directory mask = 0770
   force directory mode = 0770
   force group = libcof
   hide files = /lost+found/
   valid users = friends +libcof

# -------------------------------------
# Circle of friends
# -------------------------------------
[cof2]
   comment = Circle of Friends - libshare
   path = /files1/user/common/cof
   browseable = yes
   writeable = yes
   create mask = 0770
   force create mode = 0770
   directory mask = 0770
   force directory mode = 0770
   force group = libcof
   hide files = /lost+found/
   valid users = friends +libcof

# -------------------------------------
# PC-Rdist
# -------------------------------------
[pcrdist]
   comment = PC-Rdist
   path = /files1/pcrdist
   browseable = yes
   writeable = yes
   hide files = /lost+found/
   valid users = +libmdgc dsharp dtheodor smbadmin +libsys 
   invalid users = circdsk1

# -------------------------------------
# NEWSBANK
# -------------------------------------
[newsbank]
   comment = NewsBank
   path = /files1/pcrdist/newsbank
   browseable = yes
   writeable = yes
   hide files = /lost+found/
   valid users = +libmdgc dsharp dtheodor smbadmin +libsys
   invalid users = circdsk1


# -------------------------------------
# HOUSE OF COMMONS PARLIAMENTARY PAPERS
# -------------------------------------
[hcpp]
   comment = Parliamentary Papers
   path = /files1/pcrdist/hcpp
   browseable = yes
   writeable = yes
   hide files = /lost+found/
   valid users = +libmdgc dsharp dtheodor smbadmin +libsys
   invalid users = circdsk1


#--------------------------------------
# Printer definitions
# --------------------------------------
[printers]
   comment = Printers
   path = /tmp/smbspool
   printable = yes
   create mask = 0777
   force create mode = 0777
   browseable = yes
   public = yes
   print ok = yes
   admin users = +libsys smbadmin

-- 
----------------------------------- 0 ------------------------------------
Daulton Theodore                  </\    Tel: 613-520-2600 ext. 8352
Carleton University Library       _\\    Fax: 613-520-2750            
Systems Department                `/     Net: Daulton_Theodore at carleton.ca
---------------------------------- ` -------------------------------------


More information about the samba mailing list