[Samba] PDC migration from suse 8.2 - samba 2.2.7 ldap - to latest versions on ubuntu 8.04
GG
jojomi at gmail.com
Wed Apr 7 08:59:17 MDT 2010
you are right! please excuse me I misread!
Giorgio
On 4/7/10, Gaiseric Vandal <gaiseric.vandal at gmail.com> wrote:
> They should be the same SID. The SID of a DC should the same as the SID of
> the domain itself. And if you had multiple DC's they should all have the
> same SID.
>
> At least that is what I have and it seems to work for me.
>
>
>
>
> On 04/07/2010 10:14 AM, GG wrote:
> > Hello Vladimir and anyone else reading :-) !
> >
> > Attaching these files:
> >
> > - gg-edited.ldif
> > - slapd.conf.destination.txt
> > - slapd.conf.source.txt
> > - ldap.conf.destination.txt
> > - ldap.conf.source.txt
> > - slapadd-ing.LOG this was the log while importing ldif
> >
> >
> > NET SID ETC
> > net setlocalsid
> S-1-5-21-1168...........-..................-...............2
> > net setdomainsid
> S-1-5-21-1168...........-..................-...............1
> >
> > does net setlocal and domain sid have sense or should it be
> > net setdomainsid
> > twice with different sids?
> >
> > Thanks very much!
> >
> > Giorgio
> >
> > On 4/6/10, Vladimir
> Psenicka<vladimir.psenicka at prodeco.cz> wrote:
> >
> >
> > > Hi Gorgio
> > >
> > > Dne 2.4.2010 17:01, GG napsal(a):
> > >
> > >
> > > > Hi all,
> > > >
> > > > So I have
> > > > openldap2-2.1.12-74
> > > > samba-2.2.7a-72
> > > >
> > > > I would like to migrate this existing PDC service to a new server and
> > > > to current production / stable releases (especially for windows 7
> > > > joining to the domain).
> > > >
> > > > New server is Debian Lenny stable.
> > > >
> > > > I have exported the domain SID, and ldap.ldif
> > > >
> > > > Now lets get down to it :-)
> > > > Before importing should I do something about organizational units and
> so? How?
> > > >
> > > >
> > > >
> > > > > Import only data to LDAP no configs (slapcat->slapadd)
> > > > >
> > > > >
> > > > slapadd -c -l slapcat.ldif
> > > > I did this but attached errors showed up.
> > > >
> > > > Error, entries missing!
> > > > entry 3: dc=people,dc=ExampleDomain,dc=it
> > > > entry 4: dc=groups,dc=people,dc=ExampleDomain,dc=it
> > > >
> > > >
> > > Can you post first 100 lines of your ldif you try to import? You
> > > probably missing some base ldif.
> > >
> > >
> > >
> > > >
> > > > I know nothing about ldap, but my ldap is probably missing some pre
> > > > required settings ? :-/
> > > >
> > > >
> > > >
> > > Can you post slapd.conf also?
> > >
> > >
> > >
> > >
> > > > Cheers!
> > > > Giorgio
> > > >
> > > >
> > > >
> > > > > Configs yes, live data no, but if you have ldap it *should* be
> enough to
> > > > > import ldif from old server, configure samba to use ldap and run
> smbpasswd
> > > > > -W to store ldap admin dn pass to secrets.tdb. After that you can
> test if
> > > > > samba see imported users in ldap (pdbedit -L).
> > > > >
> > > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > > > On 3/27/10, Vladimir
> Psenicka<vladimir.psenicka at prodeco.cz> wrote:
> > > >
> > > >
> > > > > On Fri, 26 Mar 2010 15:32:50 +0100, GG<jojomi at gmail.com> wrote:
> > > > >
> > > > >
> > > > > > wow I made it!
> > > > > >
> > > > > > I copied net and all the libs it complained about from another
> suse
> > > > > > server which was not missing it :-)
> > > > > >
> > > > > > [2010/03/26 15:07:37, 0]
> param/loadparm.c:map_parameter(2435)
> > > > > > Unknown parameter encountered: "domain admin group"
> > > > > > [2010/03/26 15:07:37, 0]
> param/loadparm.c:lp_do_parameter(3125)
> > > > > > Ignoring unknown parameter "domain admin group"
> > > > > > SID for domain
> ThisIsLikeTheHostNameOrMaybeAtestDomain???
> > > > > > is: S-1-5-21-1bla bla
> > > > > > SID for domain THISISMYDOMAIN is: S-1-5-other-bla bla
> > > > > >
> > > > > > Which shall I import?
> > > > > >
> > > > > >
> > > > > >
> > > > > Import both for sure:-). First is localsid, second is domainsid
> > > > >
> > > > >
> > > > >
> > > > > > So now back to mail number 2 :-)
> > > > > >
> > > > > > LDAP: I exported ldif :-) now
> > > > > > I copied /etc/groups passwd shadow aliases
> > > > > >
> > > > > > now on the new server:
> > > > > >
> > > > > > how do I import LDAP and all its configs,
> > > > > > samba and all its configs are only in smb.conf?
> > > > > >
> > > > > >
> > > > > >
> > > > > Import only data to LDAP no configs (slapcat->slapadd)
> > > > > Configs yes, live data no, but if you have ldap it *should* be
> enough to
> > > > > import ldif from old server, configure samba to use ldap and run
> smbpasswd
> > > > > -W to store ldap admin dn pass to secrets.tdb. After that you can
> test if
> > > > > samba see imported users in ldap (pdbedit -L).
> > > > >
> > > > >
> > > > >
> > > > > > :-)
> > > > > > Giorgio
> > > > > >
> > > > > >
> > > > > >
> > > > > > On 3/26/10, Vladimir
> Psenicka<vladimir.psenicka at prodeco.cz> wrote:
> > > > > >
> > > > > >
> > > > > > > Paste ldap admin dn or ldap suffix in your smb.conf
> > > > > > >
> > > > > > > Dne 26.3.2010 15:24, Vladimir Psenicka napsal(a):
> > > > > > >
> > > > > > >
> > > > > > > > try this:
> > > > > > > >
> > > > > > > > ldapsearch -x -h localhost -D
> "cn=Manager,dc=WORKGROUP,dc=it" -W -b
> > > > > > > >
> "sambaDomainName=WORKGROUP,dc=WORKGROUP,dc=it"
> > > > > > > >
> > > > > > > > Dne 26.3.2010 15:00, GG napsal(a):
> > > > > > > >
> > > > > > > >
> > > > > > > > > Hello!
> > > > > > > > >
> > > > > > > > > I'm stuck on getdomainsid: Net command is missing even
> though libs
> > > > > > > > >
> > > > > > > > >
> > > > > > > >
> > > > > > >
> > > > > >
> > > > > and
> > > > >
> > > > >
> > > > > >
> > > > > > >
> > > > > > > >
> > > > > > > > > smbclient are installed.
> > > > > > > > >
> > > > > > > > > I tried this:
> > > > > > > > > # ldapsearch -x -h localhost -D "cn=Manager,dc=domain,dc=it"
> -W -b
> > > > > > > > > "sambaDomainName=WORKGROUP,dc=domain,dc=it"
> > > > > > > > > Enter LDAP Password:
> > > > > > > > > # extended LDIF
> > > > > > > > > #
> > > > > > > > > # LDAPv3
> > > > > > > > > #
> base<sambaDomainName=WORKGROUP,dc=domain,dc=it> with scope
> sub
> > > > > > > > > # filter: (objectclass=*)
> > > > > > > > > # requesting: ALL
> > > > > > > > > #
> > > > > > > > >
> > > > > > > > > # search result
> > > > > > > > > search: 2
> > > > > > > > > result: 34 Invalid DN syntax
> > > > > > > > > text: invalid DN
> > > > > > > > >
> > > > > > > > > # numResponses: 1
> > > > > > > > >
> > > > > > > > > So: I'm not sure what is
> sambaDomainName=domain,dc=domain,dc=it...
> > > > > > > > > I used WORKGROUP as it is the domain we use on pcs and the
> only one
> > > > > > > > > defined in smb.conf
> > > > > > > > >
> > > > > > > > > I also tried using my pdc HOSTNAME
> > > > > > > > >
> > > > > > > > > and this was returned
> > > > > > > > > # LDAPv3
> > > > > > > > > #
> base<sambaDomainName=hostname,dc=domain,dc=it> with scope
> sub
> > > > > > > > > # filter: (objectclass=*)
> > > > > > > > > # requesting: ALL
> > > > > > > > > #
> > > > > > > > >
> > > > > > > > > # search result
> > > > > > > > > search: 2
> > > > > > > > > result: 34 Invalid DN syntax
> > > > > > > > > text: invalid DN
> > > > > > > > >
> > > > > > > > > # numResponses: 1
> > > > > > > > >
> > > > > > > > > Any way to get through this or how to use net command? Maybe
> > > > > > > > >
> > > > > > > > >
> > > > > > > >
> > > > > > >
> > > > > >
> > > > > updating
> > > > >
> > > > >
> > > > > >
> > > > > > >
> > > > > > > >
> > > > > > > > > samba-client?
> > > > > > > > >
> > > > > > > > > I tried rpm -i samba-client but it says
> > > > > > > > > file /usr/share/man/man1/smbclient.1.gz
> from install of
> > > > > > > > > samba-client-2.2.12-1.suse82 conflicts with file from
> package
> > > > > > > > > samba-client-2.2.7a-72 when trying to rpm -i
> > > > > > > > >
> > > > > > > > >
> > > > > > > >
> > > > > > >
> > > > > >
> > > > > samba-client-2.2.12-1.rpm
> > > > >
> > > > >
> > > > > >
> > > > > > >
> > > > > > > >
> > > > > > > > > I found also the original package but it says it is already
> > > > > > > > >
> > > > > > > > >
> > > > > > > >
> > > > > > >
> > > > > >
> > > > > installed.
> > > > >
> > > > >
> > > > > >
> > > > > > >
> > > > > > > >
> > > > > > > > > What happens if I remove samba-client and reinstall it soon
> after on
> > > > > > > > > the production pdc?
> > > > > > > > >
> > > > > > > > >
> > > > > > > > > Giorgio
> > > > > > > > >
> > > > > > > > > On 3/26/10, Vladimir
> Psenicka<vladimir.psenicka at prodeco.cz> wrote:
> > > > > > > > >
> > > > > > > > >
> > > > > > > > > > Dne 26.3.2010 13:50, GG napsal(a):
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > > > Hello!
> > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > > > Have you samba-client package installed?
> > > > > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > yes I do at least smbclient is there! but no net command
> :-/
> > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > > > PAVOUK\psenicka at psenicka:~> rpm -qf `which net`
> > > > > > > > > > > > > samba-client-3.5.1-4.1.x86_64
> > > > > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > So here are the issues encountered...
> > > > > > > > > > > file /usr/share/man/man1/smbclient.1.gz
> from install of
> > > > > > > > > > > samba-client-2.2.12-1.suse82 conflicts with file from
> package
> > > > > > > > > > > samba-client-2.2.7a-72 when trying to rpm -i
> > > > > > > > > > > samba-client-2.2.12-1.rpm
> > > > > > > > > > > I found on net...
> > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > > > or you can dig domainsid from ldap
> > > > > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > This sounds interesting! How do I do that?
> > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > modify to your needs (domain):
> > > > > > > > > >
> > > > > > > > > > ldapsearch -x -h ldap -D "cn=admin,dc=domain,dc=cz" -W -b
> > > > > > > > > > "sambaDomainName=domain,dc=domain,dc=cz"
> > > > > > > > > >
> > > > > > > > > > sambaSID: is your domainsid
> > > > > > > > > >
> > > > > > > > > > or you can use phpldapadmin to manage you ldap from
> browser
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > > > Thanks very much!
> > > > > > > > > > > Giorgio
> > > > > > > > > > >
> > > > > > > > > > > On 3/26/10, GG<jojomi at gmail.com> wrote<script
> > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > >
> > > > > > > > >
> > > > > > > >
> > > > > > >
> > > > > >
> > > > > type="text/javascript"
> > > > >
> src="https://mail.prodeco.cz/roundcube/program/js/tiny_mce/themes/advanced/langs/cs.js?s=1240817786"></script>:
> > > > >
> > > > >
> > > > > >
> > > > > > >
> > > > > > > >
> > > > > > > > >
> > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > > > Hi!
> > > > > > > > > > > >
> > > > > > > > > > > > I'll be at it in a few minutes installing samba client
> / net
> > > > > > > > > > > > command :-)
> > > > > > > > > > > >
> > > > > > > > > > > > I have a question about the samba sernet repos:
> > > > > > > > > > > > Shall I apt-get remove samba and use
> > > > > > > > > > > >
> http://enterprisesamba.com/index.php?id=148 +
> > > > > > > > > > > >
> http://enterprisesamba.com/index.php?id=56
> > > > > > > > > > > > instead from start?
> > > > > > > > > > > >
> > > > > > > > > > > > What is the real advantage of sernet? What about
> installing
> > > > > > > > > > > > official
> > > > > > > > > > > > samba.org packages, are there differences with sernet
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > >
> > > > > > > > >
> > > > > > > >
> > > > > > >
> > > > > >
> > > > > (stability?)
> > > > >
> > > > >
> > > > > >
> > > > > > >
> > > > > > > >
> > > > > > > > >
> > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > > > or
> > > > > > > > > > > > is it just a more liberal repository?
> > > > > > > > > > > >
> > > > > > > > > > > > Also I read
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > > > > > >
> > > > > > > > > > > > > > > Ensure that all local user and group accounts
> that are used by
> > > > > > > > > > > > > > > samba
> > > > > > > > > > > > > > > have the same uid/gid.
> > > > > > > > > > > > > > >
> > > > > > > > > > > > > > >
> > > > > > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > > > > Shall I copy /etc/shadow and /etc/passwd over? other
> files for
> > > > > > > > > > > > groups
> > > > > > > > > > > > and users?
> > > > > > > > > > > >
> > > > > > > > > > > > I use rsync --verbose --progress --stats --compress
> --rsh=ssh \
> > > > > > > > > > > > --recursive --times --perms --links \
> > > > > > > > > > > > --owner --group --devices --specials \
> > > > > > > > > > > > --exclude-from '/root/exclude.txt (if any, not in
> this case
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > >
> > > > > > > > >
> > > > > > > >
> > > > > > >
> > > > > >
> > > > > as
> > > > >
> > > > >
> > > > > >
> > > > > > >
> > > > > > > >
> > > > > > > > >
> > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > > > I'm only syncing data dir)' \
> > > > > > > > > > > > root at old_PDC:/DATA /DATA
> > > > > > > > > > > >
> > > > > > > > > > > > This should bring over every attribute set on files...
> correct?
> > > > > > > > > > > >
> > > > > > > > > > > > [[[did only partially in one case: I set up a twin
> install (fresh
> > > > > > > > > > > > install then live cd and full rsync and after that I
> kept mbr,
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > >
> > > > > > > > >
> > > > > > > >
> > > > > > >
> > > > > >
> > > > > but
> > > > >
> > > > >
> > > > > >
> > > > > > >
> > > > > > > >
> > > > > > > > >
> > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > > > changed /boot and the /ect/fstab settings) and the
> server started
> > > > > > > > > > > > etc.. LDAP did not work though: authentication was not
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > >
> > > > > > > > >
> > > > > > > >
> > > > > > >
> > > > > >
> > > > > available...
> > > > >
> > > > >
> > > > > >
> > > > > > >
> > > > > > > >
> > > > > > > > >
> > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > > > So I must be missing something or this rsync parameter
> set must
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > >
> > > > > > > > >
> > > > > > > >
> > > > > > >
> > > > > >
> > > > > be
> > > > >
> > > > >
> > > > > >
> > > > > > >
> > > > > > > >
> > > > > > > > >
> > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > > > missing something.. I had disconnected old PDC, set
> same IP and
> > > > > > > > > > > > hostname to the VM well this worked well for other
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > >
> > > > > > > > >
> > > > > > > >
> > > > > > >
> > > > > >
> > > > > virtualizations
> > > > >
> > > > >
> > > > > >
> > > > > > >
> > > > > > > >
> > > > > > > > >
> > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > > > and
> > > > > > > > > > > > in this PDC I need to upgrade to win7 compatible samba
> version
> > > > > > > > > > > > anyway
> > > > > > > > > > > > :-)
> > > > > > > > > > > > This was another story but just to share it as it is
> an excellent
> > > > > > > > > > > > way
> > > > > > > > > > > > of migrating sometimes specially for machines you do
> not master
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > >
> > > > > > > > >
> > > > > > > >
> > > > > > >
> > > > > >
> > > > > and
> > > > >
> > > > >
> > > > > >
> > > > > > >
> > > > > > > >
> > > > > > > > >
> > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > > > this is my case very often.]]]
> > > > > > > > > > > >
> > > > > > > > > > > > Cheers,
> > > > > > > > > > > > Giorgio
> > > > > > > > > > > >
> > > > > > > > > > > > On Fri, Mar 26, 2010 at 9:14 AM, Vladimir Psenicka
> > > > > > > > > > > > <vladimir.psenicka at prodeco.cz> wrote:
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > > > Hi
> > > > > > > > > > > > >
> > > > > > > > > > > > > Dne 25.3.2010 17:41, GG napsal(a):
> > > > > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > > > > > > Hello Vladimir, John and all the NG :-)
> > > > > > > > > > > > > > Thanks so much for answering. I really hoped
> someone would :-)
> > > > > > > > > > > > > >
> > > > > > > > > > > > > > So I installed Debian latest stable netinst on the
> future
> > > > > > > > > > > > > > production
> > > > > > > > > > > > > > server and here are my issues in the quotes :-( no
> net command
> > > > > > > > > > > > > > on my
> > > > > > > > > > > > > > suse 8.2
> > > > > > > > > > > > > >
> > > > > > > > > > > > > > Cheers :-)
> > > > > > > > > > > > > > Giorgio
> > > > > > > > > > > > > >
> > > > > > > > > > > > > >
> > > > > > > > > > > > > >
> > > > > > > > > > > > > >
> > > > > > > > > > > > > > > On Thu, Mar 25, 2010 at 14:00, John H
> Terpstra<*@samba.org>
> > > > > > > > > > > > > > > wrote:
> > > > > > > > > > > > > > >
> > > > > > > > > > > > > > >
> > > > > > > > > > > > > > > > On 03/25/2010 03:33 AM, Vladimir Psenicka
> wrote:
> > > > > > > > > > > > > > > > What about Debian Stable with Sernet samba
> repo, where you
> > > > > > > > > > > > > > > >
> > > > > > > > > > > > > > > >
> > > > > > > > > > > > > > >
> > > > > > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > >
> > > > > > > > >
> > > > > > > >
> > > > > > >
> > > > > >
> > > > > can
> > > > >
> > > > >
> > > > > >
> > > > > > >
> > > > > > > >
> > > > > > > > >
> > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > > > > > >
> > > > > > > > > > > > > > >
> > > > > > > > > > > > > > > > choose
> > > > > > > > > > > > > > > > Samba 3.4.x or 3.5.x
> > > > > > > > > > > > > > > >
> > > > > > > > > > > > > > > > My hints on migrating to new server:
> > > > > > > > > > > > > > > >
> > > > > > > > > > > > > > > > 1. install new server (Samba,ldap etc.)
> > > > > > > > > > > > > > > >
> > > > > > > > > > > > > > > >
> > > > > > > > > > > > > > >
> > > > > > > > > > > > > > done :-) Debian Stable netinst
> > > > > > > > > > > > > >
> > > > > > > > > > > > > >
> > > > > > > > > > > > > >
> > > > > > > > > > > > > > >
> > > > > > > > > > > > > > > > 2. set same hostname on new server
> > > > > > > > > > > > > > > >
> > > > > > > > > > > > > > > >
> > > > > > > > > > > > > > >
> > > > > > > > > > > > > > My ignorance comes out :-)
> > > > > > > > > > > > > > Must I set it different from the production server
> as FW points
> > > > > > > > > > > > > > production.domain.com - I have clients using
> DNS=oldPDC and PDC
> > > > > > > > > > > > > > forwards queries to FW. FW has pdc.domain.com
> defined to point
> > > > > > > > > > > > > > to lan
> > > > > > > > > > > > > > ip.
> > > > > > > > > > > > > >
> > > > > > > > > > > > > >
> > > > > > > > > > > > > >
> > > > > > > > > > > > > Ok, can be changed later
> > > > > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > > > > > >
> > > > > > > > > > > > > > >
> > > > > > > > > > > > > > > > 3. export ldap data from old server and import
> them to new
> > > > > > > > > > > > > > > > server
> > > > > > > > > > > > > > > >
> > > > > > > > > > > > > > > >
> > > > > > > > > > > > > > >
> > > > > > > > > > > > > > slapcat -f /etc/openldap/ldap.conf -l /ldap.ldif
> > > > > > > > > > > > > > OK
> > > > > > > > > > > > > >
> > > > > > > > > > > > > >
> > > > > > > > > > > > > >
> > > > > > > > > > > > > > > Ensure that all local user and group accounts
> that are used by
> > > > > > > > > > > > > > > samba
> > > > > > > > > > > > > > > have the same uid/gid.
> > > > > > > > > > > > > > >
> > > > > > > > > > > > > > >
> > > > > > > > > > > > > > my ignorance again... another hint?
> > > > > > > > > > > > > >
> > > > > > > > > > > > > >
> > > > > > > > > > > > > > >
> > > > > > > > > > > > > > >
> > > > > > > > > > > > > > > > 4. export SID (net getlocalsid) and set it on
> new server (net
> > > > > > > > > > > > > > > > setlocalsid oldsid)
> > > > > > > > > > > > > > > >
> > > > > > > > > > > > > > > >
> > > > > > > > > > > > > > > Note:
> > > > > > > > > > > > > > > net getdomainsid (on old server)
> > > > > > > > > > > > > > > net setdomainsid (on new server)
> > > > > > > > > > > > > > >
> > > > > > > > > > > > > > >
> > > > > > > > > > > > > > thanks :-)
> > > > > > > > > > > > > >
> > > > > > > > > > > > > > # net getdomainsid
> > > > > > > > > > > > > > -bash: net: command not found :-( and not found in
> yast
> > > > > > > > > > > > > >
> > > > > > > > > > > > > > I understand it has to do with extracting the sid
> from
> > > > > > > > > > > > > > /etc/samba/secrets.tdb but how do I install the
> command? suse
> > > > > > > > > > > > > > 8.2 yast
> > > > > > > > > > > > > > has now net package and googling net is.. well
> wow!
> > > > > > > > > > > > > >
> > > > > > > > > > > > > >
> > > > > > > > > > > > > >
> > > > > > > > > > > > > Have you samba-client package installed?
> > > > > > > > > > > > >
> > > > > > > > > > > > > PAVOUK\psenicka at psenicka:~> rpm -qf `which net`
> > > > > > > > > > > > > samba-client-3.5.1-4.1.x86_64
> > > > > > > > > > > > >
> > > > > > > > > > > > > or you can dig domainsid from ldap
> > > > > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > > > > > >
> > > > > > > > > > > > > > >
> > > > > > > > > > > > > > > > 5. configure samba on new server as PDC with
> ldap and shares
> > > > > > > > > > > > > > > > in smb.conf
> > > > > > > > > > > > > > > > from old samba smb.conf (check with testparm)
> > > > > > > > > > > > > > > >
> > > > > > > > > > > > > > > >
> > > > > > > > > > > > > > >
> > > > > > > > > > > > > > I see it only contains shares so I bet smb.conf
> would just keep
> > > > > > > > > > > > > > all
> > > > > > > > > > > > > > the old settings rigth? /DATA will be rsynced
> > > > > > > > > > > > > >
> > > > > > > > > > > > > >
> > > > > > > > > > > > > >
> > > > > > > > > > > > > Maybe smb.conf from Samba2 is too different from
> Samba 3. I will
> > > > > > > > > > > > > keep
> > > > > > > > > > > > > current smb.conf on new server and add only shares
> from old
> > > > > > > > > > > > > smb.conf to
> > > > > > > > > > > > > new smb.conf.
> > > > > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > > > > > >
> > > > > > > > > > > > > > >
> > > > > > > > > > > > > > > > 6. stop samba on old server
> > > > > > > > > > > > > > > > 7. copy all data (with perms) and netlogon
> share to new
> > > > > > > > > > > > > > > >
> > > > > > > > > > > > > > > >
> > > > > > > > > > > > > > >
> > > > > > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > >
> > > > > > > > >
> > > > > > > >
> > > > > > >
> > > > > >
> > > > > server
> > > > >
> > > > >
> > > > > >
> > > > > > >
> > > > > > > >
> > > > > > > > >
> > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > > > > > >
> > > > > > > > > > > > > > >
> > > > > > > > > > > > > > > > 8. stop old server
> > > > > > > > > > > > > > > > 9. start samba on new server a check
> everything is working
> > > > > > > > > > > > > > > > fine (domain
> > > > > > > > > > > > > > > > logon from windows box, shares and perms)
> > > > > > > > > > > > > > > >
> > > > > > > > > > > > > > > > This can be done best when no users are logged
> in samba
> > > > > > > > > > > > > > > >
> > > > > > > > > > > > > > > >
> > > > > > > > > > > > > > >
> > > > > > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > >
> > > > > > > > >
> > > > > > > >
> > > > > > >
> > > > > >
> > > > > (maybe
> > > > >
> > > > >
> > > > > >
> > > > > > >
> > > > > > > >
> > > > > > > > >
> > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > > > > > >
> > > > > > > > > > > > > > >
> > > > > > > > > > > > > > > > at weekend?)
> > > > > > > > > > > > > > > >
> > > > > > > > > > > > > > > > P.S. We have ubuntu 8.04 as PDC and Windows 7
> can't join to
> > > > > > > > > > > > > > > > domain
> > > > > > > > > > > > > > > >
> > > > > > > > > > > > > > > >
> > > > > > > > > > > > > > >
> > > > > > > > > > > > > > thanks I move to Debian with ease :-) ubuntu is a
> great deb
> > > > > > > > > > > > > > derived right?
> > > > > > > > > > > > > >
> > > > > > > > > > > > > >
> > > > > > > > > > > > > >
> > > > > > > > > > > > > Ubuntu 8.04 LTS is now older than Debian Stable.
> When Ubuntu
> > > > > > > > > > > > > 10.04 LTS
> > > > > > > > > > > > > comes out this will be no longer truth.
> > > > > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > > > > > >
> > > > > > > > > > > > > > > Check http://wiki.samba.org for info regarding
> Windows 7.
> > > > > > > > > > > > > > >
> > > > > > > > > > > > > > > Cheers,
> > > > > > > > > > > > > > > John T.
> > > > > > > > > > > > > > >
> > > > > > > > > > > > > > >
> > > > > > > > > > > > > > >
> > > > > > > > > > > > > > > > Dne 25.3.2010 01:05, GG napsal(a):
> > > > > > > > > > > > > > > >
> > > > > > > > > > > > > > > >
> > > > > > > > > > > > > > > > > Hello Vladimir and hi all,
> > > > > > > > > > > > > > > > >
> > > > > > > > > > > > > > > > > Thanks very much for replying!
> > > > > > > > > > > > > > > > >
> > > > > > > > > > > > > > > > > Any suggested os? I'd go for debian or what
> advised, I just
> > > > > > > > > > > > > > > > > happen to
> > > > > > > > > > > > > > > > > know ubuntu more...
> > > > > > > > > > > > > > > > >
> > > > > > > > > > > > > > > > >
> > > > > > > > > > > > > > > > > Any strategy or hint on migrating from
> ancient ldap + samba
> > > > > > > > > > > > > > > > > to a new server?
> > > > > > > > > > > > > > > > > Already tried rsyncing (using all options to
> keep perms and
> > > > > > > > > > > > > > > > > attributes
> > > > > > > > > > > > > > > > > grp own mod etc) on a twin v-machine but
> server starts and
> > > > > > > > > > > > > > > > > the ldap
> > > > > > > > > > > > > > > > > auth fails to work :-(
> > > > > > > > > > > > > > > > >
> > > > > > > > > > > > > > > > > I'm a bit stuck at the moment :-( and I have
> posponed the
> > > > > > > > > > > > > > > > > problem for
> > > > > > > > > > > > > > > > > too long grrr
> > > > > > > > > > > > > > > > >
> > > > > > > > > > > > > > > > > Giorgio
> > > > > > > > > > > > > > > > >
> > > > > > > > > > > > > > > > > On Wed, Mar 24, 2010 at 9:20 AM, Vladimir
> Psenicka
> > > > > > > > > > > > > > > > > <vladimir.psenicka at prodeco.cz> wrote:
> > > > > > > > > > > > > > > > >
> > > > > > > > > > > > > > > > >
> > > > > > > > > > > > > > > > > > Dne 23.3.2010 15:48, Giorgio napsal(a):
> > > > > > > > > > > > > > > > > >
> > > > > > > > > > > > > > > > > >
> > > > > > > > > > > > > > > > > > > Hello,
> > > > > > > > > > > > > > > > > > > Hopefully I'm in the right place asking
> for help :-)
> > > > > > > > > > > > > > > > > > >
> > > > > > > > > > > > > > > > > > > I need to move from an old physical Suse
> 8.2 - samba 2.2.7
> > > > > > > > > > > > > > > > > > > + ldap - to
> > > > > > > > > > > > > > > > > > > latest samba versions, I would like to
> use an ubuntu 8.04
> > > > > > > > > > > > > > > > > > > virtual machine.
> > > > > > > > > > > > > > > > > > >
> > > > > > > > > > > > > > > > > > > The domain is in production on the
> physical server, to be
> > > > > > > > > > > > > > > > > > > dismissed after
> > > > > > > > > > > > > > > > > > > migration. It is also the file server!!!
> so /DATA/ has all
> > > > > > > > > > > > > > > > > > > shared and
> > > > > > > > > > > > > > > > > > > permission driven file access..
> > > > > > > > > > > > > > > > > > >
> > > > > > > > > > > > > > > > > > > I was following
> > > > > > > > > > > > > > > > > > >
> https://help.ubuntu.com/8.10/serverguide/C/samba-dc.html
> > > > > > > > > > > > > > > > > > >
> > > > > > > > > > > > > > > > > > >
> > > > > > > > > > > > > > > > > >
> > > > > > > > > > > > > > > > >
> > > > > > > > > > > > > > > >
> > > > > > > > > > > > > > >
> > > > > > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > >
> > > > > > > > >
> > > > > > > >
> > > > > > >
> > > > > >
> > > > > but
> > > > >
> > > > >
> > > > > >
> > > > > > >
> > > > > > > >
> > > > > > > > >
> > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > > > > > >
> > > > > > > > > > > > > > >
> > > > > > > > > > > > > > > >
> > > > > > > > > > > > > > > > >
> > > > > > > > > > > > > > > > > >
> > > > > > > > > > > > > > > > > > > I realize I am in a different
> scenario...
> > > > > > > > > > > > > > > > > > >
> > > > > > > > > > > > > > > > > > > Production so no errors are admitted
> :-(, migration to new
> > > > > > > > > > > > > > > > > > > os and versions..
> > > > > > > > > > > > > > > > > > > all at once?
> > > > > > > > > > > > > > > > > > >
> > > > > > > > > > > > > > > > > > > I have a dump of the physical server (dd
> sda mbr and
> > > > > > > > > > > > > > > > > > >
> > > > > > > > > > > > > > > > > > >
> > > > > > > > > > > > > > > > > >
> > > > > > > > > > > > > > > > >
> > > > > > > > > > > > > > > >
> > > > > > > > > > > > > > >
> > > > > > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > >
> > > > > > > > >
> > > > > > > >
> > > > > > >
> > > > > >
> > > > > single
> > > > >
> > > > >
> > > > > >
> > > > > > >
> > > > > > > >
> > > > > > > > >
> > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > > > > > >
> > > > > > > > > > > > > > >
> > > > > > > > > > > > > > > >
> > > > > > > > > > > > > > > > >
> > > > > > > > > > > > > > > > > >
> > > > > > > > > > > > > > > > > > > partitions :)
> > > > > > > > > > > > > > > > > > > plus an rsync with all permissions daily
> backup, just to
> > > > > > > > > > > > > > > > > > >
> > > > > > > > > > > > > > > > > > >
> > > > > > > > > > > > > > > > > >
> > > > > > > > > > > > > > > > >
> > > > > > > > > > > > > > > >
> > > > > > > > > > > > > > >
> > > > > > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > >
> > > > > > > > >
> > > > > > > >
> > > > > > >
> > > > > >
> > > > > be
> > > > >
> > > > >
> > > > > >
> > > > > > >
> > > > > > > >
> > > > > > > > >
> > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > > > > > >
> > > > > > > > > > > > > > >
> > > > > > > > > > > > > > > >
> > > > > > > > > > > > > > > > >
> > > > > > > > > > > > > > > > > >
> > > > > > > > > > > > > > > > > > > safe ;)
> > > > > > > > > > > > > > > > > > >
> > > > > > > > > > > > > > > > > > >
> > > > > > > > > > > > > > > > > > > What would you guru's suggest as a
> strategy?
> > > > > > > > > > > > > > > > > > >
> > > > > > > > > > > > > > > > > > > Can I create a new server and add it as
> secondary domain
> > > > > > > > > > > > > > > > > > > controller and then
> > > > > > > > > > > > > > > > > > > once the replica is up? I'd feel quite
> comfortable with
> > > > > > > > > > > > > > > > > > > this method.
> > > > > > > > > > > > > > > > > > >
> > > > > > > > > > > > > > > > > > > BTW I need a new version of samba as
> they have already
> > > > > > > > > > > > > > > > > > > bought Windows 7
> > > > > > > > > > > > > > > > > > > boxes (without asking if they were
> supported arrgh).
> > > > > > > > > > > > > > > > > > >
> > > > > > > > > > > > > > > > > > > Thanks to all of you who read or
> answered :-)
> > > > > > > > > > > > > > > > > > >
> > > > > > > > > > > > > > > > > > > Gio
> > > > > > > > > > > > > > > > > > >
> > > > > > > > > > > > > > > > > > >
> > > > > > > > > > > > > > > > > > Hi.
> > > > > > > > > > > > > > > > > >
> > > > > > > > > > > > > > > > > > Ubuntu 8.10 is bad idea if you will be
> connecting Windows 7
> > > > > > > > > > > > > > > > > > into domain,
> > > > > > > > > > > > > > > > > > because of old Samba version. Samba 3.4.x
> or 3.5.x is
> > > > > > > > > > > > > > > > > > recommended for
> > > > > > > > > > > > > > > > > > Win7. Wait for Ubuntu 10.04 LTS (next
> month) if you want
> > > > > > > > > > > > > > > > > > Ubuntu.
> > > > > > > > > > > > > > > > > >
> > > > > > > > > > > > > > > > > > --
> > > > > > > > > > > > > > > > > > Vladimir Psenicka
> > > > > > > > > > > > > > > > > > --
> > > > > > > > > > > > > > > > > > To unsubscribe from this list go to the
> following URL and
> > > > > > > > > > > > > > > > > > read the
> > > > > > > > > > > > > > > > > > instructions:
> > > > > > > > > > > > > > > > > >
> > > > > > > > > > > > > > > > > >
> > > > > > > > > > > > > > > > >
> > > > > > > > > > > > > > > >
> > > > > > > > > > > > > > >
> > > > > > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > >
> > > > > > > > >
> > > > > > > >
> > > > > > >
> > > > > >
> > > > > https://lists.samba.org/mailman/options/samba
> > > > >
> > > > >
> > > > > >
> > > > > > >
> > > > > > > >
> > > > > > > > >
> > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > > > > > >
> > > > > > > > > > > > > > >
> > > > > > > > > > > > > > > >
> > > > > > > > > > > > > > > > >
> > > > > > > > > > > > > > > > > >
> > > > > > > > > > > > > > > > > >
> > > > > > > > > > > > > > > > >
> > > > > > > > > > > > > > > >
> > > > > > > > > > > > > > > >
> > > > > > > > > > > > > > > >
> > > > > > > > > > > > > > > --
> > > > > > > > > > > > > > > To unsubscribe from this list go to the
> following URL and read
> > > > > > > > > > > > > > > the
> > > > > > > > > > > > > > > instructions:
> https://lists.samba.org/mailman/options/samba
> > > > > > > > > > > > > > >
> > > > > > > > > > > > > > >
> > > > > > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > > > > > --
> > > > > > > > > > > > > Vladimir Psenicka
> > > > > > > > > > > > > IT system engineer
> > > > > > > > > > > > > PRODECO, a.s.
> > > > > > > > > > > > > Tel.: 417 633 762
> > > > > > > > > > > > > --
> > > > > > > > > > > > > To unsubscribe from this list go to the following
> URL and read
> > > > > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > >
> > > > > > > > >
> > > > > > > >
> > > > > > >
> > > > > >
> > > > > the
> > > > >
> > > > >
> > > > > >
> > > > > > >
> > > > > > > >
> > > > > > > > >
> > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > > > instructions:
> https://lists.samba.org/mailman/options/samba
> > > > > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > > --
> > > > > > > > > > Vladimir Psenicka
> > > > > > > > > > IT system engineer
> > > > > > > > > > PRODECO, a.s.
> > > > > > > > > > Tel.: 417 633 762
> > > > > > > > > > --
> > > > > > > > > > To unsubscribe from this list go to the following URL and
> read the
> > > > > > > > > > instructions:
> https://lists.samba.org/mailman/options/samba
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > >
> > > > > > > >
> > > > > > > >
> > > > > > > >
> > > > > > >
> > > > > > > --
> > > > > > > Vladimir Psenicka
> > > > > > > IT system engineer
> > > > > > > PRODECO, a.s.
> > > > > > > Tel.: 417 633 762
> > > > > > > --
> > > > > > > To unsubscribe from this list go to the following URL and read
> the
> > > > > > > instructions:
> https://lists.samba.org/mailman/options/samba
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > >
> > > > > --
> > > > > To unsubscribe from this list go to the following URL and read the
> > > > > instructions:
> https://lists.samba.org/mailman/options/samba
> > > > >
> > > > >
> > > > >
> > > >
> > >
> > > --
> > > Vladimir Psenicka
> > > IT system engineer
> > > PRODECO, a.s.
> > > Tel.: 417 633 762
> > >
> > >
> > >
> >
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:
> https://lists.samba.org/mailman/options/samba
>
More information about the samba
mailing list