[Samba] Migrating: tdb to ldap (Samba Classic)

Gaiseric Vandal gaiseric.vandal at gmail.com
Mon Apr 2 11:57:30 UTC 2018 

When I migrated from TBD to LDAP I had to write some perl scripts to 
reformat the data exported from TDB into the correct LDAP 
structure.      The smbldap-migrate tool did not seem available with my 
distribution.          Moving to Samba AD had not been an option because 
this was still Samba 3 (and AD server support in Samba 4 was still 
experimental), and I also need LDAP backend for non-samba 
services.            Samba AD didn't support domain trusts (I still 
think it doesn't completely support them) which also was a deal breaker.




On 03/31/18 14:30, Stefan Kania via samba wrote:
> Why do you wan't to switch to NT-Domain with LDAP? Why not change to AD?
> It is much easier and better for the future
>
>
> Am 31.03.18 um 13:20 schrieb Rob Thoman via samba:
>> Guys,
>>
>> We have a Samba 4 PDC with TDB backend. We're now trying to a BDC so we
>> need to migrate from TDB to LDAP . I've read the Samba documentation which
>> says using tdb in both servers will cause issues. So the question is how do
>> we migrate from TDB to LDAP in the PDC. The setup we are going for is each
>> DC will have LDAP setup. The LDAP servers will then be replicated. Reading
>> the official samba 3 document I found the existing /var/lib/samba needs to
>> be cleaned before LDAP is setup. The following is what the document says.
>>
>> Delete all runtime les from prior Samba operation by executing
>> root# rm /etc/samba/*tdb
>> root# rm /var/lib/samba/*tdb
>> root# rm /var/lib/samba/*dat
>> root# rm /var/log/samba/*
>>
>> Now the obvious question is if we do the above, it will wipe all user data
>> from TDB.  So what do we do? Setup openldap, setup all the ssl, base ldifs.
>> What is the next step? The options I have read is pdbedit -i tdbsam to -e
>> ldapsam. But if TDB is wiped how will it populate?  The other option is
>> that export the /passwd and /group and convert them to ldif using the
>> "migration tools" .i.e /smbldap-migrate . I think it is called the Idealix
>> tools.
>>
>> Please help.
>>
>> Thank you,
>> Rob
>
>
>
>

More information about the samba mailing list