[Samba] Domain Member Server passdb Migration/Change

Tom Robinson trobinson at intelligentspace.com
Fri Jan 26 15:17:42 GMT 2007


Hi,

We have a linux/samba only domain serving files to about 16-18 Windows 
clients (mostly XP, a few W2K).

PDC:
SuSE OpenXchange 4.4
samba 2.2.8a
openldap 2.1.4

Domain Member Server
Fedora Core 1
samba 3.0.10

Currently the Domain Member Server uses the default passdb backend 
(/etc/samba/smbpasswd). Each user in the ldap directory on the PDC has a 
duplicate entry in both the /etc/samba/smbpasswd and /etc/passwd on the 
Domain Member Server. All this works great. ;-)

We're migrating to a new server to replace the Domain Member Server.

NEW Domain Member Server
CentOS 4.4
samba 3.0.10

I'm assuming I can just copy the /etc/samba/smbpasswd and /etc/passwd 
from the old Domain Member Server to the new one. Will this work?

What would I have to do to activate the domain membership of the NEW 
Domain Member Server?

Another question is, is there a way to link directly into the PDC for 
authentication so that I don't have to use the /etc/samba/smbpasswd and 
/etc/passwd databases?


Thanks in advance,

Tom Robinson

-----
PDC smb.conf
  [global]
    server string = pdc
    add user script = /usr/sbin/addsmbmachine2ldap %m
    username map = /etc/samba/smbusers
    admin users = administrator root
    domain admin group = @domaingroup
    domain logons = yes
    domain master = yes
    hosts allow = xxx.xxx.xxx.
    bind interfaces only = yes
    interfaces = xxx.xxx.xxx.xxx
    encrypt passwords = yes
    ldap admin dn = uid=user,dc=somedomain,dc=com
    ldap del only sam attr = Yes
    ldap filter = (&(uid=%u)(objectclass=sambaAccount))
    ldap port = 389
    ldap server = localhost
    ldap ssl = No
    ldap suffix = dc=somedomain,dc=com
    log file = /var/log/samba/%m.log
    log level = 1
    max log size = 0
    logon script = logon.bat
    logon home = \\%L\%U
    logon path = \\%L\profiles\%U
    os level = 255
    preferred master = yes
    printcap name = CUPS
    printing = CUPS
    security = user
    socket options = SO_KEEPALIVE IPTOS_LOWDELAY TCP_NODELAY
    syslog = 0
    time server = yes
    unix extensions = yes
    veto files = /*.eml/*.nws/riched20.dll/*.{*}/
    wins support = yes
    workgroup = DOMAIN
    netbios aliases = pdc
    netbios name = pdc

Domain Member Server smb.conf
[global]
         server string = %h :-)
         netbios name = dms
         workgroup = DOMAIN

         security = server
         password server = pdc
         encrypt passwords = Yes
         null passwords = yes

         guest ok = no

         wins support = no
         wins proxy = no
         wins server = xxx.xxx.xxx.xxx

         domain master = no
         local master = no
         preferred master = no
         os level = 0

         log level = 0
         log file = /var/log/samba/%m.log
         max log size = 0

         bind interfaces only = yes
         interfaces = xxx.xxx.xxx.xxx
         smb ports = 139
         socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192


-- 
Tom Robinson
Systems Adminstrator



Intelligent Space
Parchment House
13 Northburgh Street
London
EC1V 0JP
t: 020 7014 5980
f: 020 7014 5981
e: gtempleton at intelligentspace.com
w: http://www.intelligentspace.com

The information in this e-mail and any attachment is confidential. It 
isintended only for the named recipient(s). If you are not a named 
recipient please notify the sender immediately and then delete it 
without disclosing the contents to another person or taking copies.



More information about the samba mailing list