[Samba] help migrating from file server to NAS w/ Active Directory

Jim Dory jdory at nomealaska.org
Wed Feb 16 14:01:05 MST 2011 

  Extra info:
  smbd --version
Version 3.0.33-0.19.el4_8.3

Win Server 2003-r2

thx,  JD

On 2/16/2011 10:49 AM, Jim Dory wrote:
>  hello,
>
> I'm having a problem I hope will be easy for someone to explain to me 
> how to fix. I need to migrate from an old server to a new Cisco Smart 
> Storage NAS, which runs some flavor of linux and is Active Directory 
> aware. Using something like Robocopy from the AD server, or rsync or 
> tar from the file server does not preserve user/group identities or 
> directory date stamps (maybe rsync tar preserves the directory date 
> stamps but robocopy doesn't). The owner defaults to the NAS admin and 
> admin group.
>
> There also seems to be a problem with the windows security permissions 
> on the directories/files - under Windows Explorer the permissions are 
> listed as "special" and the admins can't change them.
>
> I set up a file server years ago on CentOs using Samba to serve files 
> to Windows clients. Since then we integrated Active Directory and I 
> had a windows whiz fix up my Samba config to use AD authentication. So 
> the server doesn't really have linux users/groups anymore per se. To 
> add a new user I add them via the AD server then map them in the 
> smb.conf file - create manually a home directory for them and chown it 
> to their username. (not sure how that works since there is no linux 
> user by those usernames). Here is an example:
>> [jimd]
>>         path = /home/CN/jimd
>>         valid users = CN+jimd
>>         writeable = Yes
>>         create mask = 0777
>>         directory mask = 0777
>>         browseable = no 
>
> So the AD user is CN+jimd. One the file server though, the username 
> that shows up on any file created by CN+jimd is actually owned by jimd 
> (no CN+). On the NAS, any file I create with that user is owned by 
> CN+jimd. Not sure if that is part of my problem or not.
>
> Groups are similar.
>> [Engineering]
>>         writeable = Yes
>>         path = /home/data/engineering
>>         force group = CN+sengineer
>> ;       guest ok = Yes
>>         browseable = Yes
>>         create mask = 0770
>>         directory mask = 0770
>>         valid users = @CN+sengineer 
>
> So the thought was to somehow map files/shares on the AD server and 
> move them over in that environment, but having troubles mentioned 
> above - preserving directory time stamps and owner IDs.  Seems like 
> I'm missing something really simple. The NAS does have samba and 
> automatically writes a smb.conf file, but I don't believe there is a 
> way to manually edit it other than GUI.
>
> Let me know if you need more info to help.. appreciate the read!
> cheers, JD
>

-- 
Jim Dory
Engineering
City of Nome
PO Box 281
102 Division St.
Nome, AK 99762
907.443.6604

http://www.nomealaska.org

More information about the samba mailing list