[Samba] FW: LDAP getent issues

Praveen Ghimire PGhimire at sundata.com.au
Sun Apr 8 09:05:46 UTC 2018

Hi Rowland,

I have gone through that link a few times and have done both the TDB to AD and also LDAP to AD migration a few times.

The AD migration is the second stage.

Let me explain the situation. The Production server is a Samba 3 box which acts as the DC (TDB) and file share. We decided to add a Samba 4 box to that classic domain and make it a PDC. Having gone through various documents, which suggested to not use TDB for a PDC BDC setup, we are looking at using LDAP. The plan is to make the old PDC a member server as it still has all the files.

Adding the new box and making it a PDC using LDAP works. Authentication of the users who were in TDB works too. The issue is any newly created users in LDAP. Hence the question.


Praveen Ghimire

-------- Original message --------
From: Rowland Penny <rpenny at samba.org>
Date: 8/04/2018 6:50 PM (GMT+10:00)
To: Praveen Ghimire <PGhimire at sundata.com.au>
Cc: samba at lists.samba.org
Subject: Re: [Samba] FW: LDAP getent issues

On Sun, 8 Apr 2018 08:35:24 +0000
Praveen Ghimire <PGhimire at sundata.com.au> wrote:

> Hi Rowland,
> Let me start by apologizing about the missed email, must have not
> seen it.
> We are migrating to an AD domain, the first step was to migrate PDC
> to LDAP.
> So to get around the bug, do we need to create the user in both PDC
> in LDAP and also as a local user in the member server with the same
> password? As the member server is set to look for files then winbind,
> this should work?

If you are migrating to AD, you do not need the Unix domain member to
carry out the migration. You also do not need to migrate to LDAP first.

Have you read this:


