[Samba] LDAP/Samba issues when replacing server

Felipe Augusto van de Wiel felipe at paranacidade.org.br
Fri Sep 29 15:34:59 GMT 2006

Hash: SHA1

On 09/20/2006 11:48 PM, dahopkins at comcast.net escreveu:
> I hope that someone can let me know what I have done wrong.
> I need to replace and existing server (server1) with a new 
> server (server2).  Server1 is currently running LDAP/Samba
> (3.0.14).  Profiles stored in /opt/samba/profiles
> I installed all of the pieces, and LDAP works (mostly, I 
> have an issue, see below)
> I ran net getlocalsid DOMAINNAME on server1  
> used the SID value in net setlocalsid command on the new 
> server.
> I then tried to import the old ldif but got errors about 
> existing keys, so deleted the ldap database, and then
> imported the ldif obtained from server1 without errors.
> Checked with net getlocalsid DOMAINNAME that the SID 
> returned was correct. Tried net getlocalsid which
> returned the same SID but for the local machine name
> (server2).  Finally, net rpc getsid also reports the
> correct SID as being placed in the secrets.tbd file
> on server2. (The above is slightly different than on
> server1 for which net getlocalsid just returned an
> error about not being able to get the name).  The two
> servers are at different versions of samba though.
> Old is at 3.0.14, while new is 3.0.23a, so perhaps this
> is to be expected.
> I can log on with any of the Linux LDAP accounts. BUT .... 
> still have issue with Samba.  In particular, none of
> the old profiles are recognized.  I tried both nfs
> mounting /opt/samba to server1:/opt/samba as well as
> copying all of /opt/samba to the new server.  When I
> log onto a Windows TS new profiles are created which
> is an issue since there are a couple of packages that
> have to be customized.  In particular, every student
> has a TTL3.ini file in their WINDOWS directory (e.g.
> /home/student01/WINDOWS/TTL3.ini)  With the old
> server, this file directory is recognized and the
> ini settings are applied.  With the new server they
> are not.

	Did you copy the relevant tdb files?

> Additionally, on the Linux system,  su - student01 
> just hangs.  Same with any account.
> Similarly, running 
> passwd dahopkins returns
> Changing password for user dahopkins.
> passwd: Authentication token manipulation error

	Did you run 'smbpasswd -w' to store LDAP password?

> I guess things just aren't quite right yet. :0
> So, can someone point me direction or offer a reason 
> why the new server does not look the same to the Windows
> Terminal Server as far as account profiles are concerned?

	Looks like that not evertyhing was backedup and
restored in the new server, and there are a few missing

> Thanks,
> Dave Hopkins
> Newark Charter School
> Newark Delaware

	Kind regards,

- --
Felipe Augusto van de Wiel <felipe at paranacidade.org.br>
Coordenadoria de Tecnologia da Informação (CTI) - SEDU/PARANACIDADE
http://www.paranacidade.org.br/           Phone: (+55 41 3350 3300)
Version: GnuPG v1.4.5 (GNU/Linux)
Comment: Using GnuPG with Debian - http://enigmail.mozdev.org


More information about the samba mailing list