[Samba] Server Migration Problem

Matt Skerritt matt.skerritt at agrav.net
Thu Oct 2 09:32:08 GMT 2008 

Oops - I accidently sent this reply direct to Helmut, isntead of to  
the list. Here it is for the list.

My most humble apologies to you Helmut - I neglected to check which  
address the reply was going to.

On 02/10/2008, at 7:02 PM, Helmut Hullen wrote:

> Hallo, Matt,

Gidday, and thankyou for your reply.

> Have you transferred the "localsid" from the old to the new server?

I just tried this then, and it didn't seem to make a difference.  The  
old server has two SID's ... Here's the output

> matt at corwin2 ~ $ sudo net getlocalsid
> SID for domain CORWIN2 is: S-1-5-21-2514297305-1808913229-953362460
> matt at corwin2 ~ $ sudo net getlocalsid ALLSTAFF
> SID for domain ALLSTAFF is: S-1-5-21-3463326904-3566436207-4149259612

(I'm not going to bother hiding the domain and computer names  
anymore). ALLSTAFF is the name of the samba domain.  CORWIN2 is the  
name of the old server. The name of the new server is INFRASTRUCTURE.

The localsid on INFRASTRUCTURE used to be  
"S-1-5-21-1308997507-3478987709-343013683"

I tried using  net setlocalsid to change the SID on the new server,  
and tried both of the SID's above form CORWIN2, but the clients still  
did not see the domain controller in either case.


I have the following entries in my ldap database for the domains   
(from a ldapsearch sambaDomainName=* ):

> # INFRASTRUCTURE, Allstaff Recruitment, Hamilton, NSW, AU
> dn: sambaDomainName=INFRASTRUCTURE,o=Allstaff  
> Recruitment,l=Hamilton,st=NSW,c=
>  AU
> sambaDomainName: INFRASTRUCTURE
> sambaSID: S-1-5-21-1308997507-3478987709-343013683
> sambaAlgorithmicRidBase: 1000
> objectClass: sambaDomain
> sambaNextUserRid: 1000
> sambaMinPwdLength: 5
> sambaPwdHistoryLength: 0
> sambaLogonToChgPwd: 0
> sambaMaxPwdAge: -1
> sambaMinPwdAge: 0
> sambaLockoutDuration: 30
> sambaLockoutObservationWindow: 30
> sambaLockoutThreshold: 0
> sambaForceLogoff: -1
> sambaRefuseMachinePwdChange: 0
>
> # ALLSTAFF, Allstaff Recruitment, Hamilton, NSW, AU
> dn: sambaDomainName=ALLSTAFF,o=Allstaff  
> Recruitment,l=Hamilton,st=NSW,c=AU
> sambaDomainName: ALLSTAFF
> sambaSID: S-1-5-21-3463326904-3566436207-4149259612
> sambaAlgorithmicRidBase: 1000
> objectClass: sambaDomain
> sambaNextUserRid: 1000
> sambaMinPwdLength: 5
> sambaPwdHistoryLength: 0
> sambaLogonToChgPwd: 0
> sambaMaxPwdAge: -1
> sambaMinPwdAge: 0
> sambaLockoutDuration: 30
> sambaLockoutObservationWindow: 30
> sambaLockoutThreshold: 0
> sambaForceLogoff: -1
> sambaRefuseMachinePwdChange: 0


Should I try and set the sambaSID entry for the ALLSTAFF domain to be  
the SID for INFRASTRUCTURE?


> Sometimes that helps:
>
>        change "domain logon" to "workgroup"; new start
>        change "workgroup" to "domain logon"; new start
>
> Sometimes you may need to change the computername too. But that  
> leeds to
> problems with the profile ...
> The background may be some information about the old server is stored
> somewhere in the client's registry.

Yes, I've been trying this , and it's not working :(. ... I'm just  
about at the stage where I'm going to set the NETBIOS name of the new  
server to be the same as the old server ;)

--
Matt Skerritt
matt.skerritt at agrav.net

More information about the samba mailing list