[Samba] migrate users to ldap

Markus Krause krause at biochem.mpg.de
Wed Feb 28 23:55:19 GMT 2007

thanks for your answer!

Zitat von Felipe Augusto van de Wiel <felipe at paranacidade.org.br>:
> Hash: SHA1
> On 02/27/2007 08:16 PM, Markus Krause wrote:
>> Thank you for your answer.
>> I actually did not point out exactly enough what i want to do,
>> sorry for that ...
>> I read these postings and also some sections in the samba howto
>> and several descriptions on the net, but i understand all these
>> in that way, that the samba server is reconfigured to use ldap
>> and "stays" there. at the moment we are some time away from
>> finally migrating all samba accounts, which are currently stored
>> in smbpasswd, to ldap and it is no option to take down and
>> reconfigure samba even for a short time.
> 	Hmmm, sorry, but I can see how you want to accomplish that.
> You are changing the backend, you need to tell samba about this.
well, that exactly is the point, i do _not_ want to or better simply  
_cannot_ change the backend at the moment, i just want/need a snapshot  
of the current samba accounts in smbpasswd and _copy_ them in ldap.  
the samba server should not even know about that! the problem is that  
we can not switch off our samba server for even some minutes (at least  
without a notice several days in advance!), we have several terabytes  
of data, about 1500 accounts, and as the most of them are scientists  
and quite a lot are even working nights and weekends so there is  
actually no time the (samba) fileserver is not in (heavy) use...
and to make some serious testing on reliablity (and a lot other  
things) i need just a copy of all accounts in ldap.

>> so what i in fact need is a way to get a snapshot of the current
>> accounts and copy them into ldap, the samba server should/can/must
>> not be touched (i mean start/stop/reconfigure etc.) in any way
>> during this process. can this be done ?
> 	I'm not sure I _really_ understood what you want, but
> using some of the famous migration script, you can create your
> new LDAP database in a few minutes, them you need to tell
> Samba to start using the new backend (LDAP) instead of the old
> backend (smbpasswd file).
volker gave some hints on how to do this (using pdbedit and a separate  
config file) and i'll try that as soon i have compiled a version of  
pdbedit with ldapsam support included ... as soon i got this done i'll  
report in case someone else may search the archives ;-)


| Markus Krause, Mogli-Soft                                       |
| Support for Mac OS X, Webmail/Horde, LDAP, RADIUS               |
| by order of the                                                 |
|    Computing Center of the Max-Planck-Institute of Biochemistry |
| E-Mail: krause at biochem.mpg.de  |  Tel.: 089 - 89 40 85 99       |
|         markus.krause at mac.com  |  Fax.: 089 - 89 40 85 98       |
|  Skype: markus.krause          | iChat: markus.krause at mac.com   |

      This message was sent using https://webmail2.biochem.mpg.de
If you encounter any problems please report to rz-linux at biochem.mpg.de

More information about the samba mailing list