[Samba] migrate old samba2.2.8 - smbpasswd to new samba3.0 - ldap - based

Felipe Augusto van de Wiel felipe at paranacidade.org.br
Tue Jan 9 15:23:10 GMT 2007


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 01/09/2007 10:14 AM, peter pilsl escreveu:
> I'm just migrating a medium sambainstallation from old samba2.2.8 to new
> samba 3.0.  The server is acting as PDC and there is no BDC.
> 
> The new samba is based on LDAP and is already successfully tested. Now I
> need to transfer the whole old smbpasswd to the new ldap-style to
> convert users and machines with minimal effort. Especially I dont want
> to break the relations between the machines and the server (otherwise I
> would need to run to 80 machines and rejoin the new domain ....) and the
> user-auth.

	You are looking for smbldap-tools.

http://cvs.samba.org/cgi-bin/cvsweb/samba/examples/LDAP/smbldap-tools/
http://www.idealx.com/content/view/184/169/lang,fr/


> There is a NTPassword and a LMPassword in the new LDAP-structure and
> there are two similar numbers in the old smbpasswd-file. Is this the
> same? Can I just transfer this hashes for users and machines and
> everything is fine?

	Yes, they are. But it is going to be easier and safer if you
use smbldap-tools. ;)


> And whats with the PrimaryGroupSID thats needed in the LDAP-structure
> (like S-1-5-21-669212683-4259385398-1987947194-513)  - I couldnt find
> this in the old smbpasswd-structure?  Can I just set this on my own?

	Kind of. You should check 'net groupmap'.


> As you see I'm at the state of shooting in the dark and fiddling and
> trying around. Any insight would be greatly appretiated.

	Peter, check the [1]Samba HOWTO and the [2]Samba By Example.
You should also check [3]Samba LDAP HOWTO from Ignacio Coupeau, it is
a little bit out-of-date, but has some cool info.

  1. http://www.samba.org/samba/docs/man/Samba-HOWTO-Collection/
  2. http://www.samba.org/samba/docs/man/Samba-Guide/
  3. http://www.unav.es/cti/ldap-smb/smb-ldap-3-howto.html


	The above documentation has examples and nice information
about migration scenarios, configuration and LDAP parameters, if
you feel like something is missing in the documentation, please
let us know.


> thnx
> peter

	Kind regards,

- --
Felipe Augusto van de Wiel <felipe at paranacidade.org.br>
Coordenadoria de Tecnologia da Informação (CTI) - SEDU/PARANACIDADE
http://www.paranacidade.org.br/           Phone: (+55 41 3350 3300)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Debian - http://enigmail.mozdev.org

iD8DBQFFo7NeCj65ZxU4gPQRAjwDAKCIludMXoUxCondKWNllNHvuqhTPgCgmYJm
XkmGibEn2U1rsoj2ldEqdew=
=IyUr
-----END PGP SIGNATURE-----


More information about the samba mailing list