[Samba] PDC migration from suse 8.2 - samba 2.2.7 ldap - to latest versions on ubuntu 8.04

GG jojomi at gmail.com
Fri Mar 26 06:50:11 MDT 2010 

Hello!

> > Have you samba-client package installed?
> >

yes I do at least smbclient is there! but no net command :-/

> > PAVOUK\psenicka at psenicka:~> rpm -qf `which net`
> > samba-client-3.5.1-4.1.x86_64

So here are the issues encountered...
file /usr/share/man/man1/smbclient.1.gz from install of
samba-client-2.2.12-1.suse82 conflicts with file from package
samba-client-2.2.7a-72 when trying to rpm -i samba-client-2.2.12-1.rpm
I found on net...

> >
> > or you can dig domainsid from ldap

This sounds interesting! How do I do that?

Thanks very much!
Giorgio

On 3/26/10, GG <jojomi at gmail.com> wrote:
> Hi!
>
> I'll be at it in a few minutes installing samba client / net command :-)
>
> I have a question about the samba sernet repos:
> Shall I apt-get remove samba and use
> http://enterprisesamba.com/index.php?id=148 +
> http://enterprisesamba.com/index.php?id=56
>  instead from start?
>
> What is the real advantage of sernet? What about installing official
> samba.org packages, are there differences with sernet (stability?) or
> is it just a more liberal repository?
>
> Also I read
> >>> Ensure that all local user and group accounts that are used by samba
> >>> have the same uid/gid.
>
> Shall I copy /etc/shadow and /etc/passwd over? other files for groups
> and users?
>
> I use rsync --verbose  --progress --stats --compress --rsh=ssh \
>      --recursive --times --perms --links  \
>      --owner --group --devices --specials \
>      --exclude-from '/root/exclude.txt (if any, not in this case as
> I'm only syncing data dir)' \
>      root at old_PDC:/DATA /DATA
>
> This should bring over every attribute set on files... correct?
>
> [[[did only partially in one case: I set up a twin install (fresh
> install then live cd and full rsync and after that I kept mbr, but
> changed /boot and the /ect/fstab settings) and the server started
> etc.. LDAP did not work though: authentication was not available...
> So I must be missing something or this rsync parameter set must be
> missing something.. I had disconnected old PDC, set same IP and
> hostname to the VM well this worked well for other virtualizations and
> in this PDC I need to upgrade to win7 compatible samba version anyway
> :-)
> This was another story but just to share it as it is an excellent way
> of migrating sometimes specially for machines you do not master and
> this is my case very often.]]]
>
> Cheers,
> Giorgio
>
> On Fri, Mar 26, 2010 at 9:14 AM, Vladimir Psenicka
> <vladimir.psenicka at prodeco.cz> wrote:
> > Hi
> >
> > Dne 25.3.2010 17:41, GG napsal(a):
> >> Hello Vladimir, John and all the NG :-)
> >> Thanks so much for answering. I really hoped someone would :-)
> >>
> >> So I installed Debian latest stable netinst on the future production
> >> server and here are my issues in the quotes :-( no net command on my
> >> suse 8.2
> >>
> >> Cheers :-)
> >> Giorgio
> >>
> >>
> >>> On Thu, Mar 25, 2010 at 14:00, John H Terpstra <*@samba.org> wrote:
> >>>> On 03/25/2010 03:33 AM, Vladimir Psenicka wrote:
> >>>> What about Debian Stable with Sernet samba repo, where you can choose
> >>>> Samba 3.4.x or 3.5.x
> >>>>
> >>>> My hints on migrating to new server:
> >>>>
> >>>> 1. install new server (Samba,ldap etc.)
> >>
> >> done :-) Debian Stable netinst
> >>
> >>>> 2. set same hostname on new server
> >> My ignorance comes out :-)
> >> Must I set it different from the production server as FW points
> >> production.domain.com - I have clients using DNS=oldPDC and PDC
> >> forwards queries to FW. FW has pdc.domain.com defined to point to lan
> >> ip.
> >>
> >
> > Ok, can be changed later
> >
> >>>> 3. export ldap data from old server and import them to new server
> >>
> >> slapcat -f /etc/openldap/ldap.conf -l /ldap.ldif
> >> OK
> >>
> >>> Ensure that all local user and group accounts that are used by samba
> >>> have the same uid/gid.
> >> my ignorance again... another hint?
> >>>
> >>>> 4. export SID (net getlocalsid) and set it on new server (net
> >>>> setlocalsid oldsid)
> >>>
> >>> Note:
> >>>  net getdomainsid (on old server)
> >>>  net setdomainsid (on new server)
> >> thanks :-)
> >>
> >> # net getdomainsid
> >> -bash: net: command not found :-( and not found in yast
> >>
> >> I understand it has to do with extracting the sid from
> >> /etc/samba/secrets.tdb but how do I install the command? suse 8.2 yast
> >> has now net package and googling net is.. well wow!
> >>
> >
> > Have you samba-client package installed?
> >
> > PAVOUK\psenicka at psenicka:~> rpm -qf `which net`
> > samba-client-3.5.1-4.1.x86_64
> >
> > or you can dig domainsid from ldap
> >
> >>>> 5. configure samba on new server as PDC with ldap and shares in smb.conf
> >>>> from old samba smb.conf (check with testparm)
> >>
> >> I see it only contains shares so I bet smb.conf would just keep all
> >> the old settings rigth? /DATA will be rsynced
> >>
> >
> > Maybe smb.conf from Samba2 is too different from Samba 3. I will keep
> > current smb.conf on new server and add only shares from old smb.conf to
> > new smb.conf.
> >
> >>>> 6. stop samba on old server
> >>>> 7. copy all data (with perms) and netlogon share to new server
> >>>> 8. stop old server
> >>>> 9. start samba on new server a check everything is working fine (domain
> >>>> logon from windows box, shares and perms)
> >>>>
> >>>> This can be done best when no users are logged in samba (maybe at weekend?)
> >>>>
> >>>> P.S. We have ubuntu 8.04 as PDC and Windows 7 can't join to domain
> >>
> >> thanks I move to Debian with ease :-) ubuntu is a great deb derived right?
> >>
> > Ubuntu 8.04 LTS is now older than Debian Stable. When Ubuntu 10.04 LTS
> > comes out this will be no longer truth.
> >
> >>> Check http://wiki.samba.org for info regarding Windows 7.
> >>>
> >>> Cheers,
> >>> John T.
> >>>
> >>>> Dne 25.3.2010 01:05, GG napsal(a):
> >>>>> Hello Vladimir and hi all,
> >>>>>
> >>>>> Thanks very much for replying!
> >>>>>
> >>>>> Any suggested os? I'd go for debian or what advised, I just happen to
> >>>>> know ubuntu more...
> >>>>>
> >>>>>
> >>>>> Any strategy or hint on migrating from ancient ldap + samba to a new server?
> >>>>> Already tried rsyncing (using all options to keep perms and attributes
> >>>>> grp  own mod etc) on a twin v-machine but server starts and the ldap
> >>>>> auth fails to work :-(
> >>>>>
> >>>>> I'm a bit stuck at the moment :-( and I have posponed the problem for
> >>>>> too long grrr
> >>>>>
> >>>>> Giorgio
> >>>>>
> >>>>> On Wed, Mar 24, 2010 at 9:20 AM, Vladimir Psenicka
> >>>>> <vladimir.psenicka at prodeco.cz> wrote:
> >>>>>> Dne 23.3.2010 15:48, Giorgio napsal(a):
> >>>>>>> Hello,
> >>>>>>> Hopefully I'm in the right place asking for help :-)
> >>>>>>>
> >>>>>>> I need to move from an old physical Suse 8.2 - samba 2.2.7 + ldap - to
> >>>>>>> latest samba versions, I would like to use an ubuntu 8.04 virtual machine.
> >>>>>>>
> >>>>>>> The domain is in production on the physical server, to be dismissed after
> >>>>>>> migration. It is also the file server!!! so /DATA/ has all shared and
> >>>>>>> permission driven file access..
> >>>>>>>
> >>>>>>> I was following https://help.ubuntu.com/8.10/serverguide/C/samba-dc.html but
> >>>>>>> I realize I am in a different scenario...
> >>>>>>>
> >>>>>>> Production so no errors are admitted :-(, migration to new os and versions..
> >>>>>>> all at once?
> >>>>>>>
> >>>>>>> I have a dump of the physical server (dd sda mbr and single partitions :)
> >>>>>>> plus an rsync with all permissions daily backup, just to be safe ;)
> >>>>>>>
> >>>>>>>
> >>>>>>> What would you guru's suggest as a strategy?
> >>>>>>>
> >>>>>>> Can I create a new server and add it as secondary domain controller and then
> >>>>>>> once the replica is up? I'd feel quite comfortable with this method.
> >>>>>>>
> >>>>>>> BTW I need a new version of samba as they have already bought Windows 7
> >>>>>>> boxes (without asking if they were supported arrgh).
> >>>>>>>
> >>>>>>> Thanks to all of you who read or answered :-)
> >>>>>>>
> >>>>>>> Gio
> >>>>>>
> >>>>>> Hi.
> >>>>>>
> >>>>>> Ubuntu 8.10 is bad idea if you will be connecting Windows 7 into domain,
> >>>>>> because of old Samba version. Samba 3.4.x or 3.5.x is recommended for
> >>>>>> Win7. Wait for Ubuntu 10.04 LTS (next month) if you want Ubuntu.
> >>>>>>
> >>>>>> --
> >>>>>> Vladimir Psenicka
> >>>>>> --
> >>>>>> To unsubscribe from this list go to the following URL and read the
> >>>>>> instructions:  https://lists.samba.org/mailman/options/samba
> >>>>>>
> >>>>
> >>>>
> >>>
> >>> --
> >>> To unsubscribe from this list go to the following URL and read the
> >>> instructions:  https://lists.samba.org/mailman/options/samba
> >
> >
> > --
> > Vladimir Psenicka
> > IT system engineer
> > PRODECO, a.s.
> > Tel.: 417 633 762
> > --
> > To unsubscribe from this list go to the following URL and read the
> > instructions:  https://lists.samba.org/mailman/options/samba
> >
>

More information about the samba mailing list