[Samba] need help cleaning up my smb3 databases to complete smb4 classic upgrade
Adam Wojnarski
adam.wojnarski at gmail.com
Mon May 26 02:38:28 MDT 2014
Since there is no response to my previous e-mail, I have an idea for a
different approach- perhaps I can use those commands
net rpc samdump Dump SAM data of remote NT PDC
net rpc vampire Sync a remote NT PDC's data into local passdb
net rpc getsid Fetch the domain sid into local secrets.tdb
to pump my domain data to a fresh tdb database and ensure consistancy this way?
This way I would migrate oldsmb3->newsmb3(as secondary
DC)->newsmb4(->and then finally be able to build a trust with ad2008
but that's a different story)
Or will the invalid entries be copied as well? I prefer to ask prior
to doing something that will turn out to be a total waste of time. If
It is supposed to work as I wrote, which options should I use?
Or coming back to my previous approach - perhaps I need to dump the db
in a special way or it's a ssid not connected to users at all and I
need to check another tdb? I still think that identifying and deleting
the offending record is the best approach.
Maybe the classic upgrade has some kind of --force equivalent I could
You to try to migrate overlooking errorous entries in tdb's?
I've been struggling for a few weeks now so any help will be welcome.
Best Regards,
Adam
2014-05-21 10:59 GMT+02:00 Adam Wojnarski <adam.wojnarski at gmail.com>:
> Hello Marc,
> Thank You for Your reply
>> Hello Adam,
>>
>> Am 19.05.2014 10:53, schrieb Adam Wojnarski:
>>> My issue is:
>>> How do i find the offending sid in my old dbs and get rid of it?
>>
>> What kind of backend do you use on your classic domain?
>>
>>
>
> My smb3 config (excluding hosts shares fallows)
>
> [global]
> workgroup = MyCOMPANYNAME
> server string = THISHOSTSNAME
> hosts allow = 192.168. 127.
> log file = /var/log/samba/%m.log
> max log size = 50
> log level = 10
> security = user
> passdb backend = tdbsam
> domain master = yes
> domain logons = yes
> logon drive = Q:
> logon home = \\%N\%U
> logon path = \\%N\%U\profile
> add machine script = /usr/sbin/useradd -d /var/lib/nobody -s /sbin/nologin "%u"
> local master = yes
> preferred master = yes
> wins support = yes
> load printers = no
> cups options = raw
> create mask = 0660
> directory mask = 0770
> unix extensions = no
> max open files = 100000
> [homes]
> comment = Home Directories
> browseable = no
> writable = yes
> valid users = %S
> valid users = MYCOMPANYNAME\%S
> [netlogon]
> comment = Network Logon Service
> path = /var/lib/samba/netlogon
> guest ok = yes
> writable = no
> share modes = no
>
>
>>
>>
>>> I got my samba 4 from git://git.samba.org/samba.git samba-master
>>> my smb3 server is a an ancient fedora build samba-3.2.15-0.36.fc10.x86_64 -
>>> am I right to think that upgrading it to a current 3.x line version might
>>> help things or will the db's collect even more garbage with the upgrade? A
>>> few people managed it before me so I don't know it's full history.
>>
>> If you have any concerns, you can simply update to 4.1.7 and if
>> everything works like it should, then do the classicupgrade to AD a few
>> days later.
>>
>> But why do you want to use a developer/git version and not a released
>> one (4.1.7)? Releases are stable. I would not run a git version in
>> production.
>>
> Tried the current stable release - I have the exact same error. I
> googled it multiple times and am sure that It's an issue with the old
> samba. tried to locate the offending use/host using wbinfo or dumping
> the winbindd_idmap.tdb file but failed to find it there. I was trying
> the one from git hoping that a fresher version will do better. From
> what I learned this haunts users ever since classicupgrade is
> available.
>
>>
>>
>> Regards,
>> Marc
>
>
> p.s. listing of all tdb databases I have in my old system
>
> # ls /var/lib/samba/
> account_policy.tdb connections.tdb.bak
> idmap_cache.tdb.bak mutex.tdb.bak notify.tdb.bak
> ntprinters.tdb.bak scripts unexpected.tdb.bak
> wins.dat
> account_policy.tdb.bak gencache.tdb locking.tdb
> namelist.debug ntdrivers.tdb perfmon
> sessionid.tdb winbindd_cache.tdb wins.tdb
> brlock.tdb gencache.tdb.bak locking.tdb.bak
> netlogon ntdrivers.tdb.bak printing
> sessionid.tdb.bak winbindd_cache.tdb.bak wins.tdb.bak
> brlock.tdb.bak group_mapping.ldb messages.tdb
> netsamlogon_cache.tdb ntforms.tdb private
> share_info.tdb winbindd_idmap.tdb
> browse.dat group_mapping.tdb.upgraded messages.tdb.bak
> netsamlogon_cache.tdb.bak ntforms.tdb.bak registry.tdb
> share_info.tdb.bak winbindd_idmap.tdb.bak
> connections.tdb idmap_cache.tdb mutex.tdb
> notify.tdb ntprinters.tdb registry.tdb.bak
> unexpected.tdb winbindd_privileged
>
> # ls /var/lib/samba/private/
> passdb.tdb schannel_store.tdb secrets.tdb smbpasswd
>
> Best Regards,
> Adam
More information about the samba
mailing list