[Samba] Fwd: Migrating server

Harry Jede walk2sun at arcor.de
Tue Mar 6 11:32:44 UTC 2018


Am Dienstag, 6. März 2018, 16:42:23 CET schrieb Rob Thoman:
> I have the following in the samba logs for that machine
> 
> Failed to get groups from sam account.
> 
> 
> So basically it is telling me there are issues with groups, fair
> enough. What is the best way to get the groups in ldap? I have tried
> the pdedit -i tdbsam -e ldapam, also have tried adding it via the
> migration tools
Fine you have find something I have assumed in a previous mail.
 Once again the command to retrieve the groups:

# for s in 512 513 515 ;do ldapsearch -LLLY EXTERNAL -H ldapi:/// -b dc=mydomain -s sub "sambasid=S-1-5-21-2631908330-1812305667-41686038-$s";done 2>/dev/null

This is a one liner. Between sub and " character is a space.

The output should look like:

dn: cn=DomainAdmins,ou=groups,dc=afrika,dc=xx
objectClass: top
objectClass: posixGroup
objectClass: sambaGroupMapping
gidNumber: 512
cn: DomainAdmins
memberUid: Administrator
memberUid: root
description: Netbios Domain Administrators
sambaSID: S-1-5-21-1507708399-2130971284-2230424465-512
sambaGroupType: 2
displayName: Domain Admins

dn: cn=DomainUsers,ou=groups,dc=afrika,dc=xx
objectClass: top
objectClass: posixGroup
objectClass: sambaGroupMapping
gidNumber: 513
cn: DomainUsers
description: Netbios Domain Users
sambaSID: S-1-5-21-1507708399-2130971284-2230424465-513
sambaGroupType: 2
displayName: Domain Users

dn: cn=DomainComputers,ou=groups,dc=afrika,dc=xx
objectClass: top
objectClass: posixGroup
objectClass: sambaGroupMapping
gidNumber: 515
cn: DomainComputers
description: Netbios Domain Computers accounts
sambaSID: S-1-5-21-1507708399-2130971284-2230424465-515
sambaGroupType: 2
displayName: Domain Computers

-- 

Gruss
	Harry Jede


More information about the samba mailing list