[Samba] help migrating from file server to NAS w/ Active Directory

Jim Dory jdory at nomealaska.org
Wed Feb 16 12:49:04 MST 2011 

  hello,

I'm having a problem I hope will be easy for someone to explain to me 
how to fix. I need to migrate from an old server to a new Cisco Smart 
Storage NAS, which runs some flavor of linux and is Active Directory 
aware. Using something like Robocopy from the AD server, or rsync or tar 
from the file server does not preserve user/group identities or 
directory date stamps (maybe rsync tar preserves the directory date 
stamps but robocopy doesn't). The owner defaults to the NAS admin and 
admin group.

There also seems to be a problem with the windows security permissions 
on the directories/files - under Windows Explorer the permissions are 
listed as "special" and the admins can't change them.

I set up a file server years ago on CentOs using Samba to serve files to 
Windows clients. Since then we integrated Active Directory and I had a 
windows whiz fix up my Samba config to use AD authentication. So the 
server doesn't really have linux users/groups anymore per se. To add a 
new user I add them via the AD server then map them in the smb.conf file 
- create manually a home directory for them and chown it to their 
username. (not sure how that works since there is no linux user by those 
usernames). Here is an example:
> [jimd]
>         path = /home/CN/jimd
>         valid users = CN+jimd
>         writeable = Yes
>         create mask = 0777
>         directory mask = 0777
>         browseable = no 

So the AD user is CN+jimd. One the file server though, the username that 
shows up on any file created by CN+jimd is actually owned by jimd (no 
CN+). On the NAS, any file I create with that user is owned by CN+jimd. 
Not sure if that is part of my problem or not.

Groups are similar.
> [Engineering]
>         writeable = Yes
>         path = /home/data/engineering
>         force group = CN+sengineer
> ;       guest ok = Yes
>         browseable = Yes
>         create mask = 0770
>         directory mask = 0770
>         valid users = @CN+sengineer 

So the thought was to somehow map files/shares on the AD server and move 
them over in that environment, but having troubles mentioned above - 
preserving directory time stamps and owner IDs.  Seems like I'm missing 
something really simple. The NAS does have samba and automatically 
writes a smb.conf file, but I don't believe there is a way to manually 
edit it other than GUI.

Let me know if you need more info to help.. appreciate the read!
cheers, JD

-- 
Jim Dory
Engineering
City of Nome
PO Box 281
102 Division St.
Nome, AK 99762
907.443.6604

http://www.nomealaska.org

More information about the samba mailing list