[Samba] Please help: classicupgrade not importing users
simon+samba at matthews.eu
simon+samba at matthews.eu
Tue Apr 2 14:24:20 MDT 2013
I have tried everything that I can think of, but the users are still not
being imported.
I deleted and re-created the /usr/local/samba directory (using make
install), I added users to the local passwd file (ypcat passwd >>
/etc/passwd) and then stopped ypbind.
Still the same. The users are not imported while the groups are.
I would really appreciate some help in getting past this step.
The transcript of my last attempt at classicupgrade can be found here:
http://pastebin.com/tP8bG5Yb
I changed the realm that I used to "a.b" and made edits to the file to
make it consistent.
Simon
On Mon, 1 Apr 2013, simon+samba at matthews.eu wrote:
>
>
> On Tue, 2 Apr 2013, Ricky Nance wrote:
>
>> http://wiki.samba.org/index.php/Samba4/samba-tool/domain/classicupgrade/HOWTO<https://wiki.samba.org/index.php/Samba4/samba-tool/domain/classicupgrade/HOWTO>
>> should
>> help.
>
> I have been following those instructions. I have a tdb backend, I am working
> on a VM that does not have SAMBA3 installed. The command:
> # samba-tool user list
> does not show my users.
>
> Interestingly, the groups seem to be there. If I use
> # samba-tool group list
> I see the expected groups.
>
> Simon
>
>
>
>>
>> Ricky
>>
>>
>> On Tue, Apr 2, 2013 at 12:06 AM, Gémes Géza <geza at kzsdabas.hu> wrote:
>>
>> > 2013-04-02 05:35 keltezéssel, simon+samba at matthews.eu írta:
>> >
>> >
>> > >
>> > > On Mon, 1 Apr 2013, simon+samba at matthews.eu wrote:
>> > >
>> > >
>> > > > On Tue, 2 Apr 2013, Andrew Bartlett wrote:
>> > > >
>> > > > On Mon, 2013-04-01 at 09:26 +0200, Gémes Géza wrote:
>> > > > > > 2013-04-01 02:36 keltezéssel, simon+samba at matthews.eu írta:
>> > > > > > > Since I don't seem to be having any luck with the
>> > > > > > > classicupgrade,
>> > > > > I > > decided to try starting from scratch and then adding
>> > > > > I > > users.
>> > > > > > > > > I ran the command:
>> > > > > > > /usr/local/samba/bin/samba-**tool domain provision
>> > > > > > > --realm=<my
>> > > > > realm> \ > > --domain=<mydomain> --adminpass 'mypass'
>> > > > > realm> --server-role=dc \
>> > > > > > > --dns-backend=BIND9_DLZ
>> > > > > > > > > Then I tried both adding and changing users. In neither
>> > > > > > > > > case
>> > > > > can I > > change the SID with pdbedit. It seems to be added with
>> > > > > a > >
>> > > > > system-defined SID, irrespective of what I specify. pdbedit -v is
>> > > > > > >
>> > > > > able to list the user's parameters, including the SID.
>> > > > > > > > > Any suggestions? I am pretty much stuck here trying to
>> > > > > > > > > figure
>> > > > > out how > > to migrate from an existing SAMBA3 domain to SAMBA4.
>> > > > > > > > > > Hi,
>> > > > > > > Trying to add users one by one (preserving SID) is IMHO a
>> > > > > > > lot
>> > > > > harder > (you would probably need to ldbmodify the user record
>> > > > > of each
>> > > > > one) to > do, than fixing your samba3 install to have it
>> > > > > classicupgraded.
>> > > > >
>> > > > > Indeed. The only way to safely import a list of users who
>> > > > > already
>> > > > > have
>> > > > > SIDs is to migrate them to Samba 4.0's AD DC using one of the
>> > > > > supported
>> > > > > migration tools.
>> > > > >
>> > > > > These are 'samba-tool domain join dc' and 'samba-tool domain
>> > > > > classicupgrade'.
>> > > > >
>> > > >
>> > > > Perhaps I need to address why the "classicupgrade" did not work. I
>> > > > see
>> > > > now that I did not pass the --dbdir option when running it before.
>> > > > I'll try
>> > > > again.
>> > > >
>> > > >
>> > > I went back to trying to get the classicupgrade to work:
>> > > /usr/local/samba/bin/samba-**tool domain classicupgrade \
>> > > --dbdir=/var/lib/samba/ --dbdir=/var/lib/samba/ --realm=a.b \
>> > > /etc/samba/smb.conf --use-xattrs=yes
>> > >
>> > > For the realm, I used a subdomain of one of the two existing dns
>> > > domains
>> > > in the LAN. It appears to be processing the information from the old
>> > > domain
>> > > tdb files, although I see some errors:
>> > > Cannot open idmap database, Ignoring: [Errno 2] No such file or
>> > > directory
>> > > Importing groups
>> > > Could not add group name=Remote Desktop Users ((68, "samldb: Account
>> > > name
>> > > (sAMAccountName) 'Remote Desktop Users' already in use!"))
>> > > Could not modify AD idmap entry for
>> > > sid=S-1-5-21-4254857281-**3346836279-4152649156-555,
>> > > id=5077, type=ID_TYPE_GID ((32, "Base-DN
>> > > '<SID=S-1-5-21-4254857281-**3346836279-4152649156-555>'
>> > > not found"))
>> > > Could not add posix attrs for AD entry for
>> > > sid=S-1-5-21-4254857281-**3346836279-4152649156-555,
>> > > ((32, "Base-DN '<SID=S-1-5-21-4254857281-**3346836279-4152649156-555>'
>> > > not found"))
>> > > Group already exists
>> > > sid=S-1-5-21-4254857281-**3346836279-4152649156-512,
>> > > groupname=Domain Admins existing_groupname=Domain Admins, Ignoring.
>> > >
>> > > However, after this, all I get from pdbedit -L is:
>> > > # pdbedit -L
>> > > RAIDSERVER$:4294967295:
>> > > Administrator:4294967295:
>> > > [root at samba ~]# pdbedit -L
>> > > RAIDSERVER$:4294967295:
>> > > Administrator:4294967295:
>> > > krbtgt:4294967295:--dbdir=/**var/lib/samba/ --realm=a.b
>> > > /etc/samba/smb.confnobody:99:**Nobody
>> > >
>> > > Any ideas? What information might help debug this?
>> > >
>> > > Simon
>> > >
>> > >
>> > > Could this happen because pdbedit is from the samba3 install?
>> >
>> > I recommend doing upgrade on a new box/virtual machine where no samba3
>> > is
>> > installed, and copying the tdb files to the new box.
>> >
>> > Regards
>> >
>> > Geza Gemes
>> >
>> > --
>> > To unsubscribe from this list go to the following URL and read the
>> > instructions:
>> > https://lists.samba.org/**mailman/options/samba<https://lists.samba.org/mailman/options/samba>
>> >
>>
>>
>>
>> --
>> --
>> To unsubscribe from this list go to the following URL and read the
>> instructions: https://lists.samba.org/mailman/options/samba
>>
>
More information about the samba
mailing list