[Samba] LDAP/Samba issues when replacing server
Felipe Augusto van de Wiel
felipe at paranacidade.org.br
Fri Sep 29 15:34:59 GMT 2006
-----BEGIN PGP SIGNED MESSAGE-----
On 09/20/2006 11:48 PM, dahopkins at comcast.net escreveu:
> I hope that someone can let me know what I have done wrong.
> I need to replace and existing server (server1) with a new
> server (server2). Server1 is currently running LDAP/Samba
> (3.0.14). Profiles stored in /opt/samba/profiles
> I installed all of the pieces, and LDAP works (mostly, I
> have an issue, see below)
> I ran net getlocalsid DOMAINNAME on server1
> used the SID value in net setlocalsid command on the new
> I then tried to import the old ldif but got errors about
> existing keys, so deleted the ldap database, and then
> imported the ldif obtained from server1 without errors.
> Checked with net getlocalsid DOMAINNAME that the SID
> returned was correct. Tried net getlocalsid which
> returned the same SID but for the local machine name
> (server2). Finally, net rpc getsid also reports the
> correct SID as being placed in the secrets.tbd file
> on server2. (The above is slightly different than on
> server1 for which net getlocalsid just returned an
> error about not being able to get the name). The two
> servers are at different versions of samba though.
> Old is at 3.0.14, while new is 3.0.23a, so perhaps this
> is to be expected.
> I can log on with any of the Linux LDAP accounts. BUT ....
> still have issue with Samba. In particular, none of
> the old profiles are recognized. I tried both nfs
> mounting /opt/samba to server1:/opt/samba as well as
> copying all of /opt/samba to the new server. When I
> log onto a Windows TS new profiles are created which
> is an issue since there are a couple of packages that
> have to be customized. In particular, every student
> has a TTL3.ini file in their WINDOWS directory (e.g.
> /home/student01/WINDOWS/TTL3.ini) With the old
> server, this file directory is recognized and the
> ini settings are applied. With the new server they
> are not.
Did you copy the relevant tdb files?
> Additionally, on the Linux system, su - student01
> just hangs. Same with any account.
> Similarly, running
> passwd dahopkins returns
> Changing password for user dahopkins.
> passwd: Authentication token manipulation error
Did you run 'smbpasswd -w' to store LDAP password?
> I guess things just aren't quite right yet. :0
> So, can someone point me direction or offer a reason
> why the new server does not look the same to the Windows
> Terminal Server as far as account profiles are concerned?
Looks like that not evertyhing was backedup and
restored in the new server, and there are a few missing
> Dave Hopkins
> Newark Charter School
> Newark Delaware
Felipe Augusto van de Wiel <felipe at paranacidade.org.br>
Coordenadoria de Tecnologia da Informação (CTI) - SEDU/PARANACIDADE
http://www.paranacidade.org.br/ Phone: (+55 41 3350 3300)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)
Comment: Using GnuPG with Debian - http://enigmail.mozdev.org
-----END PGP SIGNATURE-----
More information about the samba