[Samba] PDC migration from suse 8.2 - samba 2.2.7 ldap - to latest versions on ubuntu 8.04

GG jojomi at gmail.com
Fri Mar 26 08:00:20 MDT 2010 

Hello!

I'm stuck on getdomainsid: Net command is missing even though libs and
smbclient are installed.

I tried this:
# ldapsearch -x -h localhost -D "cn=Manager,dc=domain,dc=it" -W -b
"sambaDomainName=WORKGROUP,dc=domain,dc=it"
Enter LDAP Password:
# extended LDIF
#
# LDAPv3
# base <sambaDomainName=WORKGROUP,dc=domain,dc=it> with scope sub
# filter: (objectclass=*)
# requesting: ALL
#

# search result
search: 2
result: 34 Invalid DN syntax
text: invalid DN

# numResponses: 1

So: I'm not sure what is sambaDomainName=domain,dc=domain,dc=it...
I used WORKGROUP as it is the domain we use on pcs and the only one
defined in smb.conf

I also tried using my pdc HOSTNAME

and this was returned
# LDAPv3
# base <sambaDomainName=hostname,dc=domain,dc=it> with scope sub
# filter: (objectclass=*)
# requesting: ALL
#

# search result
search: 2
result: 34 Invalid DN syntax
text: invalid DN

# numResponses: 1

Any way to get through this or how to use net command? Maybe updating
samba-client?

I tried rpm -i samba-client but it says
file /usr/share/man/man1/smbclient.1.gz from install of
samba-client-2.2.12-1.suse82 conflicts with file from package
samba-client-2.2.7a-72 when trying to rpm -i samba-client-2.2.12-1.rpm

I found also the original package but it says it is already installed.

What happens if I remove samba-client and reinstall it soon after on
the production pdc?


Giorgio

On 3/26/10, Vladimir Psenicka <vladimir.psenicka at prodeco.cz> wrote:
> Dne 26.3.2010 13:50, GG napsal(a):
> > Hello!
> >
> >>> Have you samba-client package installed?
> >>>
> >
> > yes I do at least smbclient is there! but no net command :-/
> >
> >>> PAVOUK\psenicka at psenicka:~> rpm -qf `which net`
> >>> samba-client-3.5.1-4.1.x86_64
> >
> > So here are the issues encountered...
> > file /usr/share/man/man1/smbclient.1.gz from install of
> > samba-client-2.2.12-1.suse82 conflicts with file from package
> > samba-client-2.2.7a-72 when trying to rpm -i samba-client-2.2.12-1.rpm
> > I found on net...
> >
> >>>
> >>> or you can dig domainsid from ldap
> >
> > This sounds interesting! How do I do that?
> >
>
> modify to your needs (domain):
>
> ldapsearch -x -h ldap -D "cn=admin,dc=domain,dc=cz" -W -b
> "sambaDomainName=domain,dc=domain,dc=cz"
>
> sambaSID: is your domainsid
>
> or you can use phpldapadmin to manage you ldap from browser
>
> > Thanks very much!
> > Giorgio
> >
> > On 3/26/10, GG <jojomi at gmail.com> wrote:
> >> Hi!
> >>
> >> I'll be at it in a few minutes installing samba client / net command :-)
> >>
> >> I have a question about the samba sernet repos:
> >> Shall I apt-get remove samba and use
> >> http://enterprisesamba.com/index.php?id=148 +
> >> http://enterprisesamba.com/index.php?id=56
> >>  instead from start?
> >>
> >> What is the real advantage of sernet? What about installing official
> >> samba.org packages, are there differences with sernet (stability?) or
> >> is it just a more liberal repository?
> >>
> >> Also I read
> >>>>> Ensure that all local user and group accounts that are used by samba
> >>>>> have the same uid/gid.
> >>
> >> Shall I copy /etc/shadow and /etc/passwd over? other files for groups
> >> and users?
> >>
> >> I use rsync --verbose  --progress --stats --compress --rsh=ssh \
> >>      --recursive --times --perms --links  \
> >>      --owner --group --devices --specials \
> >>      --exclude-from '/root/exclude.txt (if any, not in this case as
> >> I'm only syncing data dir)' \
> >>      root at old_PDC:/DATA /DATA
> >>
> >> This should bring over every attribute set on files... correct?
> >>
> >> [[[did only partially in one case: I set up a twin install (fresh
> >> install then live cd and full rsync and after that I kept mbr, but
> >> changed /boot and the /ect/fstab settings) and the server started
> >> etc.. LDAP did not work though: authentication was not available...
> >> So I must be missing something or this rsync parameter set must be
> >> missing something.. I had disconnected old PDC, set same IP and
> >> hostname to the VM well this worked well for other virtualizations and
> >> in this PDC I need to upgrade to win7 compatible samba version anyway
> >> :-)
> >> This was another story but just to share it as it is an excellent way
> >> of migrating sometimes specially for machines you do not master and
> >> this is my case very often.]]]
> >>
> >> Cheers,
> >> Giorgio
> >>
> >> On Fri, Mar 26, 2010 at 9:14 AM, Vladimir Psenicka
> >> <vladimir.psenicka at prodeco.cz> wrote:
> >>> Hi
> >>>
> >>> Dne 25.3.2010 17:41, GG napsal(a):
> >>>> Hello Vladimir, John and all the NG :-)
> >>>> Thanks so much for answering. I really hoped someone would :-)
> >>>>
> >>>> So I installed Debian latest stable netinst on the future production
> >>>> server and here are my issues in the quotes :-( no net command on my
> >>>> suse 8.2
> >>>>
> >>>> Cheers :-)
> >>>> Giorgio
> >>>>
> >>>>
> >>>>> On Thu, Mar 25, 2010 at 14:00, John H Terpstra <*@samba.org> wrote:
> >>>>>> On 03/25/2010 03:33 AM, Vladimir Psenicka wrote:
> >>>>>> What about Debian Stable with Sernet samba repo, where you can choose
> >>>>>> Samba 3.4.x or 3.5.x
> >>>>>>
> >>>>>> My hints on migrating to new server:
> >>>>>>
> >>>>>> 1. install new server (Samba,ldap etc.)
> >>>>
> >>>> done :-) Debian Stable netinst
> >>>>
> >>>>>> 2. set same hostname on new server
> >>>> My ignorance comes out :-)
> >>>> Must I set it different from the production server as FW points
> >>>> production.domain.com - I have clients using DNS=oldPDC and PDC
> >>>> forwards queries to FW. FW has pdc.domain.com defined to point to lan
> >>>> ip.
> >>>>
> >>>
> >>> Ok, can be changed later
> >>>
> >>>>>> 3. export ldap data from old server and import them to new server
> >>>>
> >>>> slapcat -f /etc/openldap/ldap.conf -l /ldap.ldif
> >>>> OK
> >>>>
> >>>>> Ensure that all local user and group accounts that are used by samba
> >>>>> have the same uid/gid.
> >>>> my ignorance again... another hint?
> >>>>>
> >>>>>> 4. export SID (net getlocalsid) and set it on new server (net
> >>>>>> setlocalsid oldsid)
> >>>>>
> >>>>> Note:
> >>>>>  net getdomainsid (on old server)
> >>>>>  net setdomainsid (on new server)
> >>>> thanks :-)
> >>>>
> >>>> # net getdomainsid
> >>>> -bash: net: command not found :-( and not found in yast
> >>>>
> >>>> I understand it has to do with extracting the sid from
> >>>> /etc/samba/secrets.tdb but how do I install the command? suse 8.2 yast
> >>>> has now net package and googling net is.. well wow!
> >>>>
> >>>
> >>> Have you samba-client package installed?
> >>>
> >>> PAVOUK\psenicka at psenicka:~> rpm -qf `which net`
> >>> samba-client-3.5.1-4.1.x86_64
> >>>
> >>> or you can dig domainsid from ldap
> >>>
> >>>>>> 5. configure samba on new server as PDC with ldap and shares in smb.conf
> >>>>>> from old samba smb.conf (check with testparm)
> >>>>
> >>>> I see it only contains shares so I bet smb.conf would just keep all
> >>>> the old settings rigth? /DATA will be rsynced
> >>>>
> >>>
> >>> Maybe smb.conf from Samba2 is too different from Samba 3. I will keep
> >>> current smb.conf on new server and add only shares from old smb.conf to
> >>> new smb.conf.
> >>>
> >>>>>> 6. stop samba on old server
> >>>>>> 7. copy all data (with perms) and netlogon share to new server
> >>>>>> 8. stop old server
> >>>>>> 9. start samba on new server a check everything is working fine (domain
> >>>>>> logon from windows box, shares and perms)
> >>>>>>
> >>>>>> This can be done best when no users are logged in samba (maybe at weekend?)
> >>>>>>
> >>>>>> P.S. We have ubuntu 8.04 as PDC and Windows 7 can't join to domain
> >>>>
> >>>> thanks I move to Debian with ease :-) ubuntu is a great deb derived right?
> >>>>
> >>> Ubuntu 8.04 LTS is now older than Debian Stable. When Ubuntu 10.04 LTS
> >>> comes out this will be no longer truth.
> >>>
> >>>>> Check http://wiki.samba.org for info regarding Windows 7.
> >>>>>
> >>>>> Cheers,
> >>>>> John T.
> >>>>>
> >>>>>> Dne 25.3.2010 01:05, GG napsal(a):
> >>>>>>> Hello Vladimir and hi all,
> >>>>>>>
> >>>>>>> Thanks very much for replying!
> >>>>>>>
> >>>>>>> Any suggested os? I'd go for debian or what advised, I just happen to
> >>>>>>> know ubuntu more...
> >>>>>>>
> >>>>>>>
> >>>>>>> Any strategy or hint on migrating from ancient ldap + samba to a new server?
> >>>>>>> Already tried rsyncing (using all options to keep perms and attributes
> >>>>>>> grp  own mod etc) on a twin v-machine but server starts and the ldap
> >>>>>>> auth fails to work :-(
> >>>>>>>
> >>>>>>> I'm a bit stuck at the moment :-( and I have posponed the problem for
> >>>>>>> too long grrr
> >>>>>>>
> >>>>>>> Giorgio
> >>>>>>>
> >>>>>>> On Wed, Mar 24, 2010 at 9:20 AM, Vladimir Psenicka
> >>>>>>> <vladimir.psenicka at prodeco.cz> wrote:
> >>>>>>>> Dne 23.3.2010 15:48, Giorgio napsal(a):
> >>>>>>>>> Hello,
> >>>>>>>>> Hopefully I'm in the right place asking for help :-)
> >>>>>>>>>
> >>>>>>>>> I need to move from an old physical Suse 8.2 - samba 2.2.7 + ldap - to
> >>>>>>>>> latest samba versions, I would like to use an ubuntu 8.04 virtual machine.
> >>>>>>>>>
> >>>>>>>>> The domain is in production on the physical server, to be dismissed after
> >>>>>>>>> migration. It is also the file server!!! so /DATA/ has all shared and
> >>>>>>>>> permission driven file access..
> >>>>>>>>>
> >>>>>>>>> I was following https://help.ubuntu.com/8.10/serverguide/C/samba-dc.html but
> >>>>>>>>> I realize I am in a different scenario...
> >>>>>>>>>
> >>>>>>>>> Production so no errors are admitted :-(, migration to new os and versions..
> >>>>>>>>> all at once?
> >>>>>>>>>
> >>>>>>>>> I have a dump of the physical server (dd sda mbr and single partitions :)
> >>>>>>>>> plus an rsync with all permissions daily backup, just to be safe ;)
> >>>>>>>>>
> >>>>>>>>>
> >>>>>>>>> What would you guru's suggest as a strategy?
> >>>>>>>>>
> >>>>>>>>> Can I create a new server and add it as secondary domain controller and then
> >>>>>>>>> once the replica is up? I'd feel quite comfortable with this method.
> >>>>>>>>>
> >>>>>>>>> BTW I need a new version of samba as they have already bought Windows 7
> >>>>>>>>> boxes (without asking if they were supported arrgh).
> >>>>>>>>>
> >>>>>>>>> Thanks to all of you who read or answered :-)
> >>>>>>>>>
> >>>>>>>>> Gio
> >>>>>>>>
> >>>>>>>> Hi.
> >>>>>>>>
> >>>>>>>> Ubuntu 8.10 is bad idea if you will be connecting Windows 7 into domain,
> >>>>>>>> because of old Samba version. Samba 3.4.x or 3.5.x is recommended for
> >>>>>>>> Win7. Wait for Ubuntu 10.04 LTS (next month) if you want Ubuntu.
> >>>>>>>>
> >>>>>>>> --
> >>>>>>>> Vladimir Psenicka
> >>>>>>>> --
> >>>>>>>> To unsubscribe from this list go to the following URL and read the
> >>>>>>>> instructions:  https://lists.samba.org/mailman/options/samba
> >>>>>>>>
> >>>>>>
> >>>>>>
> >>>>>
> >>>>> --
> >>>>> To unsubscribe from this list go to the following URL and read the
> >>>>> instructions:  https://lists.samba.org/mailman/options/samba
> >>>
> >>>
> >>> --
> >>> Vladimir Psenicka
> >>> IT system engineer
> >>> PRODECO, a.s.
> >>> Tel.: 417 633 762
> >>> --
> >>> To unsubscribe from this list go to the following URL and read the
> >>> instructions:  https://lists.samba.org/mailman/options/samba
> >>>
> >>
>
>
> --
> Vladimir Psenicka
> IT system engineer
> PRODECO, a.s.
> Tel.: 417 633 762
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba
>

More information about the samba mailing list