[Samba] backend migration and Samba upgrade.
Bastien Semene
bsemene at cyanide-studio.com
Wed May 5 07:37:36 MDT 2010
Short background :
Due to Windows Seven deplaoyment we have to upgrade Samba 3.0 to Samba
3.4 (actually less version but I see no reason not to go directly to 3.4).
And due to SQL backend support aborted we have to switch from SQL
backend to LDAP backend.
What I have in mind to do this migration is the following :
-install samba 34/OpenLDAP (I also change the machine in the meantime)
-configure Samba 34 to use the ldap backend, the smb.conf will be
rewriten from scratch.
- sync the sid with net getlocalsid and netsetlocalsid.
-pdbedit -e to export users and pdbedit -eg to export groups (on the old
server).
-pdbedit -i and pdbedit -ig on the new server.
-tests.
I'm far to be an expert in Samba, so advices on this procedure are very
welcome.
While checking that everything should be ok, I did a pdbedit -L and many
lines (less than 1000) like this one appeared :
lookup_global_sam_rid: looking up RID 513.
Executing query SELECT
nt_logon_time,nt_logoff_time,nt_kickoff_time,nt_pass_last_set_time,nt_pass_can_change_time,nt_pass_must_change_time,username,nt_domain,nt_username,gecos,nt_homedir,nt_dir_drive,nt_logon
Can't find a unix id for an unmapped group
No user SID retrieved from database!
There are 3 RIDs concerned : 513, 11001, 515.
Can I correct this error before migrating ? Is it mandatory/interesting
to correct this error ?
This is the output of the testparm command :
Load smb config files from /usr/local/etc/smb.conf
Processing section "[netlogon]"
Unknown parameter encountered: "readable"
Ignoring unknown parameter "readable"
Loaded services file OK.
Server role: ROLE_DOMAIN_PDC
Press enter to see a dump of your service definitions
[global]
dos charset = 850
unix charset = ISO8859-1
workgroup = CYANIDE
netbios name = PDC
server string = Primary Domain Controller
passdb backend = mysql:foo
passwd program = /usr/local/bin/php -q
/root/CyanManager/samba/update_mysql_password.php %u
passwd chat = "password:" %n\n "ok\n"
passwd chat debug = Yes
unix password sync = Yes
log level = 5
log file = /var/log/samba/log.%m
fam change notify = No
load printers = No
domain logons = Yes
os level = 128
preferred master = Yes
domain master = Yes
dns proxy = No
wins support = Yes
foo:unknown 6 column = nt_unknown_6
foo:logon count column = nt_logon_count
foo:bad password count column = nt_bad_password_count
foo:logon hours column = nt_logon_hours
foo:hours len column = nt_hours_len
foo:logon divs column = nt_logon_divs
foo:acct ctrl column = nt_acct_ctrl
foo:plain pass column = NULL
foo:nt pass column = nt_pw
foo:lanman pass column = nt_lm_pw
foo:group sid column = nt_group_sid
foo:user sid column = nt_user_sid
foo:munged dial column = nt_munged_dial
foo:unknown string column = nt_unknown_str
foo:workstations column = nt_workstations
foo:acct desc column = nt_acct_desc
foo:profile path column = nt_profile_path
foo:logon script column = nt_logon_script
foo:dir drive column = nt_dir_drive
foo:home dir column = nt_homedir
foo:fullname column = gecos
foo:nt username column = nt_username
foo:domain column = nt_domain
foo:username column = username
foo:pass history = NULL
foo:pass must change time column = nt_pass_must_change_time
foo:pass can change time column = nt_pass_can_change_time
foo:pass last set time column = nt_pass_last_set_time
foo:kickoff time column = nt_kickoff_time
foo:logoff time column = nt_logoff_time
foo:logon time column = nt_logon_time
foo:mysql database = ***********
foo:mysql password = ************
foo:mysql user = ********
foo:mysql host = 10.1.8.12
foo:host = 10.1.8.12
admin users = administrateur
[netlogon]
path = /var/samba/netlogon
browseable = No
--
Bastien Semene
Administrateur Réseau& Système
Cyanide Studio - FRANCE
More information about the samba
mailing list