[Samba] switching to smbldap-tools from custom scripts

John G. Heim jheim at math.wisc.edu
Thu Nov 10 14:53:38 MST 2011

I'm looking for advice on how to handle this problem... I've inherited a 
samba domain with an ldap backend. It uses custom scripts to add users and 
to join a machine to the domain. I don't mind the custom add user script but 
I'd like to do away with the custom script to join a machine to the domain. 
The custom script breaks all the time and our Windows systems admin is 
pretty frustrated with our samba domain. Every time he wants to join a 
machine to the domain, he has to come to me to coerce that script into 
working. So I'd like to switch to the smbldap-tools script for adding a 
machine to the domain.

The tricky part is that our ldap database is also used for linux 
authentication so I have to make sure I don't mess up the ldap database when 
I fix it for smbldap-tools. I was thinking of building a new ldap/samba 
server with an empty ldap database, running the smbldap-populate script, and 
then importing just the ldap records for existing users and machines.  So 
then I could test linux authentication vs the new machine while the old 
machine is still up.

But I don't actually know how to extract the data I need from the old ldap 
database. And maybe it would be safer to let the old dreck in there.  But 
how does the smbldap-tools populate script know about existing machines?

More information about the samba mailing list