[Samba] migrating from samba 3 to samba 4

Raymond raymond at joburgtheatre.com
Thu Mar 13 05:02:01 MDT 2014 

We only have 60 accounts on the server.

Our realm is called (showbusiness) but we would like to rename it to
something like (citytheatres) as we manage more than one theatres and would
like to later have them join the (citytheatres) domain.


Here is a copy of my smb.conf file: you will see that there is a roaming
profile tag but I have changed permissions on the directory to avoid the
profiles from being created. We just don't have drive space to support the
amount of data for roaming profiles.

We have user accounts in /etc/passwd
And groups in /etc/group


Thank you
Ray






****************************************************************************
**********************

# Global parameters
[global]
workgroup = SHOWBUSINESS
netbios name = PDC
server string = PDC
interfaces = eth0
bind interfaces only = Yes
passdb backend = tdbsam
pam password change = Yes
passwd chat = *New*Password* %n\n *Re-enter*new*password* %n\n
*Password*changed*
username map = /etc/samba/smbusers
unix password sync = Yes
log level = 1
syslog = 0
log file = /var/log/samba/%m
max log size = 50
smb ports = 139 445
name resolve order = wins bcast hosts
time server = Yes
printcap name = CUPS
show add printer wizard = No
#add user script = /usr/sbin/useradd -m %u
add user script = /usr/bin/mk_smb_profile %u
delete user script = /usr/sbin/userdel -r %u
add group script = /usr/sbin/groupadd %g
delete group script = /usr/sbin/groupdel %g
add user to group script = /usr/sbin/usermod -G %g %u
add machine script = /usr/sbin/useradd -s /bin/false -d /dev/null %u
shutdown script = /var/lib/samba/scripts/shutdown.sh
abort shutdown script = /sbin/shutdown -c
logon script = scripts\logon.bat
logon path = \\%L\profiles\%U
logon drive = X:
logon home = \\%L\home\%U
domain logons = Yes
local master = Yes
os level = 35
preferred master = Yes
domain master = Yes
wins support = Yes
utmp = Yes
map acl inherit = Yes
printing = cups
veto oplock files = /*.doc/*.xls/*.mdb/

[IPC$]
path = /tmp
hosts allow = 192.168.0.0/24, 192.168.1.0/24, 127.0.0.1
hosts deny = 0.0.0.0/0

[homes]
comment = Home Directories
valid users = %S
read only = No
browseable = No

[printers]
comment = SMB Print Spool
path = /var/spool/samba
guest ok = Yes
printable = Yes
use client driver = Yes
default devmode = Yes
browseable = No

[netlogon]
comment = Network Logon Service
path = /var/lib/samba/netlogon
guest ok = Yes
locking = No

[profiles]
comment = Profile Share
path = /var/lib/samba/profiles
read only = No
profile acls = Yes


[shared]
comment = Network Shares
path = /home/shared
read only = No

[sophos]
writeable = yes
admin users = sophos,raymond,mogapi,michael
path = /home/sophos
create mask = 0777
comment = newvirusupdate
public = yes
browsable = yes


[caseware]
comment = caseware home folder
path = /home/caseware/
browseable = yes
guest ok = no
admin users = caseware
read only = no
valid users = caseware
create mask = 0777

[PSQLDATA]
        comment = Pervasive databases
        path = /usr/local/psql/data
        force user = psql
        force group = pvsw
        read only = No
        valid users = @pvsw
        create mask = 0664
        directory mask = 0775

[PVPIPE$]
        comment = Pervasive pipes
        path = /usr/local/psql/etc/pipe
        # only members of group pvsw will have access
        valid users = @pvsw
        # Absolutely necessary - prevents caching
        oplocks = no
        level2 oplocks = no
        read only = yes
        browseable = No

****************************************************************************
******************************














-----Original Message-----
From: samba-bounces at lists.samba.org [mailto:samba-bounces at lists.samba.org]
On Behalf Of Jason Waters
Sent: 13 March 2014 12:46 PM
To: Raymond
Cc: samba at lists.samba.org
Subject: Re: [Samba] migrating from samba 3 to samba 4

I think it works if you are not chiming from an LDAP back end as well.  You
will just need to copy the lib folder over so it has access to the
databases.  How many users?  I'm thinking about the best way to get their
profiles over. I'm assuming that their usernames will stay the same?
On Mar 13, 2014 6:40 AM, "Raymond" <raymond at joburgtheatre.com> wrote:

>
>
> Okay sorry... the howto migrate is about LDAP, I do not have ldap on 
> samba 3. So how do I migrate to samba 4 if I only have the (passwd) db 
> backend on
> samba3 ?
>
> Ray
>
>
>
> -----Original Message-----
> From: samba-bounces at lists.samba.org 
> [mailto:samba-bounces at lists.samba.org]
> On Behalf Of Raymond
> Sent: 13 March 2014 12:32 PM
> To: samba at lists.samba.org
> Subject: Re: [Samba] migrating from samba 3 to samba 4
>
> I found this in previous posts
>
> https://wiki.samba.org/index.php/Samba4/samba-tool/domain/classicupgra
> de/HOW
> TO
>
> Will study it a bit more..
>
> Ray
>
>
>
> -----Original Message-----
> From: samba-bounces at lists.samba.org 
> [mailto:samba-bounces at lists.samba.org]
> On Behalf Of Raymond
> Sent: 13 March 2014 12:18 PM
> To: samba at lists.samba.org
> Subject: [Samba] migrating from samba 3 to samba 4
>
>
>
> Hi all, after the news that samba 4 is now supporting user lockouts 
> after bad password attempts we need to plan our roadmap on migrating 
> from Samba 3 to samba 4.
>
>
>
> We currently have Samba version 3.0.7-1.3E.1 installed with (passwd) 
> database as a backend.
>
>
>
> I would appreciate if anyone can guide me on the migration process.
>
>
>
> Our old server
>
>
>
> Centos 4.4
>
> Samba 3.0.7
>
> (Master browser)
>
>
>
> Our new server
>
>
>
> Centos 6.5
>
> Samba 4 (DC/AD)
>
>
>
> Any guidelines on how the migration would work. We have not 
> implemented roaming profiles on the old setup and we are not planning 
> on implementing roaming profiles on the new system ether.
>
>
>
> My main concerns are:
>
>
>
> We want to change the (domain name) which user's login to and don't 
> want anything to happen with their current profiles on their PC's. (Is 
> this advisable to change the domain name or must the domain name stay 
> the same?) This is the internal domain the users select when they log into
their PC's.
>
>
>
> So the plot thickens. How do we get the samba3 profiles onto the 
> samba4 domain with as little changes to the user setup on their PC's?
>
>
>
> What I mean by profiles is the local profile of the user on the local
PC...
> not roaming profiles... I know by experience that if something happens 
> to samba3's use account then it messes up the local profile on the PC 
> and I am trying to avoid this when I migrate to samba4
>
>
>
> Any help mush appreciated.
>
>
>
> Thank you
>
>
>
> Ray
>
>
>
>
>
>
>
>
>
>
> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
> "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
> <html xmlns="http://www.w3.org/1999/xhtml">
> <head>
> <title>email-banner</title>
> <meta http-equiv="Content-Type" content="text/html; 
> charset=iso-8859-1" /> </head> <body bgcolor="#FFFFFF" leftmargin="0"
topmargin="0"
> marginwidth="0"
> marginheight="0"> </br> <a href="http://www.joburgtheatre.com"><img
> src="http://www.showbusiness.co.za/emailbanner/banner.jpg" width="660"
> height="165" />
> <!-- ImageReady Slices (banner4web.jpg) --><!-- End ImageReady Slices
> --></a></br>
>
>
> </body>
>
> </html>
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba
>
>
> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
> "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
> <html xmlns="http://www.w3.org/1999/xhtml">
> <head>
> <title>email-banner</title>
> <meta http-equiv="Content-Type" content="text/html; 
> charset=iso-8859-1" /> </head> <body bgcolor="#FFFFFF" leftmargin="0"
topmargin="0"
> marginwidth="0"
> marginheight="0"> </br> <a href="http://www.joburgtheatre.com"><img
> src="http://www.showbusiness.co.za/emailbanner/banner.jpg" width="660"
> height="165" />
> <!-- ImageReady Slices (banner4web.jpg) --><!-- End ImageReady Slices
> --></a></br>
>
>
> </body>
>
> </html>
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba
>
>
> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
> "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
> <html xmlns="http://www.w3.org/1999/xhtml">
> <head>
> <title>email-banner</title>
> <meta http-equiv="Content-Type" content="text/html; 
> charset=iso-8859-1" /> </head> <body bgcolor="#FFFFFF" leftmargin="0"
topmargin="0"
> marginwidth="0"
> marginheight="0"> </br> <a href="http://www.joburgtheatre.com"><img
> src="http://www.showbusiness.co.za/emailbanner/banner.jpg" width="660"
> height="165" />
> <!-- ImageReady Slices (banner4web.jpg) --><!-- End ImageReady Slices
> --></a></br>
>
>
> </body>
>
> </html>
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba
>
>
> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "
> http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
> <html xmlns="http://www.w3.org/1999/xhtml">
> <head>
> <title>email-banner</title>
> <meta http-equiv="Content-Type" content="text/html; 
> charset=iso-8859-1" /> </head> <body bgcolor="#FFFFFF" leftmargin="0" 
> topmargin="0" marginwidth="0"
> marginheight="0">
> </br>
> <a href="http://www.joburgtheatre.com"><img src="
> http://www.showbusiness.co.za/emailbanner/banner.jpg" width="660"
> height="165" />
> <!-- ImageReady Slices (banner4web.jpg) --><!-- End ImageReady Slices
> --></a></br>
>
>
> </body>
>
> </html>
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba
>
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>email-banner</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
</head>
<body bgcolor="#FFFFFF" leftmargin="0" topmargin="0" marginwidth="0" marginheight="0">
</br>
<a href="http://www.joburgtheatre.com"><img src="http://www.showbusiness.co.za/emailbanner/banner.jpg" width="660" height="165" />
<!-- ImageReady Slices (banner4web.jpg) --><!-- End ImageReady Slices --></a></br>


</body>

</html>

More information about the samba mailing list