[Samba] migrate machine-passwords from smbpasswd to ldap?

peter pilsl pilsl at goldfisch.at
Thu Jan 11 16:40:27 GMT 2007 

I'm just migrating a whole samba-installations ffrom old 2.2 to 3.0 with LDAP.
I was successfully able to migrate all useraccounts with smbldap-useradd but now 
I'm stuck with the machine-accounts. All machines are part of the domain and 
they should be able to logon the new server without noticing any difference.

I can add them with smbldap-useradd -w but the resulting ldap-entry does not 
have any samba-attributes, especially the sambaNTpassword and 
sambaLMpassword-fields are not set !!

I think that these passwords are essential to keep the trustrelation between 
server and machines.

I'm not sure about some details also:

1) the machines still have the $ as last name, so the machine  dummy should be 
in the ldap-structure with uid=dummy$ ?!

2) am I right that sambaNTPassword and sambaLMPassword needs to be the same on 
the new installation than the old one to let the machines stay in the domain 
without needing to leave and rejoin?

3) what about sambaSID for the existing machine? How do I get the correct 
sambaSID? Is the same than with users?  domainSID-1000+2*uid ?

4)  Do I need to add a machine as normal user first and then as machine, cause 
when I try to add the machine with pdbedit I get the following error:

#pdbedit -a -m -u ihf23$ 2>&1
doing parameter max log size = 10000
pm_process() returned Yes
Searching for:[(&(objectClass=sambaDomain)(sambaDomainName=IHF))]
smbldap_open_connection: connection opened
ldap_connect_system: succesful connection to the LDAP server
The LDAP server is succesfully connected
Searching for:[(&(objectClass=sambaDomain)(sambaDomainName=IHF))]
smbldap_open_connection: connection opened
ldap_connect_system: succesful connection to the LDAP server
The LDAP server is succesfully connected
ldapsam_add_sam_account: Adding new user
init_ldap_from_sam: Setting entry for user: ihf23$
ldapsam_modify_entry: Failed to add user dn= 
uid=ihf23$,ou=smbComputers,dc=ihf,dc=local with: Object class violation
         object class 'sambaSamAccount' requires attribute 'sambaSID'
ldapsam_add_sam_account: failed to modify/add user with uid = ihf23$ (dn = 
uid=ihf23$,ou=smbComputers,dc=ihf,dc=local)
Unable to add machine! (does it already exist?)


thnx,
peter



-- 
mag. peter pilsl - goldfisch.at
IT-Consulting
Tel: +43-650-3574035
Tel: +43-1-8900602
Fax: +43-1-8900602-15
skype: peter.pilsl
pilsl at goldfisch.at
www.goldfisch.at

More information about the samba mailing list