[Samba] Migration samba 3 to 4

Philippe Maladjian pmaladjian at hilaire.fr
Wed Sep 5 09:42:04 UTC 2018 

Hello,

I'm testing with this link but i'have the same error.

# samba-tool domain classicupgrade --dbdir=/root/samba3/dbdir/ 
--realm=dom.hilaire --dns-backend=SAMBA_INTERNAL /root/samba3/etc/smb.conf

# ll /root/samba3/
total 8
drwxr-xr-x 2 root root 4096 sept.  5 11:23 dbdir
drwxr-xr-x 2 root root 4096 sept.  5 11:21 etc

# ll /root/samba3/dbdir/
total 11900
-rw------- 1 root root    16384 août  17  2010 account_policy.tdb
-rw-r--r-- 1 root root    53248 sept.  3 13:20 brlock.tdb
-rw-r--r-- 1 root root   221184 sept.  3 15:45 connections.tdb
-rw-r--r-- 1 root root    36864 sept.  5 11:35 gencache_notrans.tdb
-rw-r--r-- 1 root root    49152 sept.  3 15:45 gencache.tdb
-rw------- 1 root root    77824 oct.  17  2011 group_mapping.ldb
-rw-r--r-- 1 root root 11005952 sept.  3 15:45 locking.tdb
-rw-r--r-- 1 root root      696 oct.  20  2010 login_cache.tdb
-rw------- 1 root root   188416 sept.  3 15:27 messages.tdb
-rw-r--r-- 1 root root    28672 août  28 11:40 notify_onelevel.tdb
-rw-r--r-- 1 root root    32768 sept.  3 15:26 notify.tdb
-rw------- 1 root root     8192 nov.   4  2011 ntdrivers.tdb
-rw------- 1 root root      696 août  17  2010 ntforms.tdb
-rw------- 1 root root    20480 mai   19  2017 ntprinters.tdb
-rw------- 1 root root    53248 oct.  15  2011 registry.tdb
-rw------- 1 root root    36864 sept.  3 15:46 schannel_store.tdb
-rw------- 1 root root    45056 oct.  27  2011 secrets.tdb
-rw-r--r-- 1 root root   204800 sept.  3 15:42 sessionid.tdb
-rw------- 1 root root    36864 oct.  15  2011 share_info.tdb
-rw-r--r-- 1 root root    36864 août  30 08:31 unexpected.tdb
-rw------- 1 root root    24576 sept.  3 15:45 wins.tdb

# ll /root/samba3/etc/
total 8
-rw-r--r-- 1 root root 4533 sept.  3 16:20 smb.conf

# nano /root/samba/etc/smb.conf

[global]
         netbios name = svct02
         server string = Gestionnaire de domaine
         workgroup = MY.DOMAIN

         hosts allow = 192.168.15. 192.168.6. 10.0.7.
         security = user
         domain master = yes
         domain logons = yes
         prefered master = yes
         local master = yes
         os level = 252
         log level = 1

         encrypt passwords = yes
         username map = /etc/samba/smbusers
         passdb expand explicit = no

         add machine script = /usr/sbin/smbldap-useradd -w '%u'
         add user script = /usr/sbin/smbldap-useradd -a -m '%u'
         delete user script = /usr/sbin/smbldap-userdel -r '%u'
         add group script = /usr/sbin/smbldap-groupadd -g '%g'
         delete group script = /usr/sbin/smbldap-groupdel '%g'
         add user to group script = /usr/sbin/smbldap-groupmod -m '%u' '%g'
         delete user from group script = /usr/sbin/smbldap-groupmod -x 
'%u' '%g'
         set primary group script = /usr/sbin/smbldap-usermod -g '%g' '%u'

         ldap admin dn = cn=Manager,dc=domain,dc=fr
         ldap suffix = dc=domain,dc=fr
         ldap passwd sync = yes
         ldap ssl = no

         ldap user suffix = ou=Users
         ldap group suffix = ou=Groups
         ldap machine suffix = ou=Computers
         ldap idmap suffix = ou=Users

         passdb backend = ldapsam:ldap://ldap2.my.domain
         idmap backend = ldapsam:ldap://ldap2.my.domain

         nt acl support = yes

         # Rajoute le nom de domaine devant le login
         map untrusted to domain = yes
         wins support = yes
         wins proxy = no
         dns proxy = yes
         name resolve order = wins lmhosts bcast
         interfaces = eth* lo
         bind interfaces only = yes
         time server = yes
         socket options = TCP_NODELAY IPTOS_LOWDELAY IPTOS_THROUGHPUT 
SO_KEEPALIVE SO_RCVBUF=8192 SO_SNDBUF=8192

         lock directory = /var/lib/samba
         log file = /var/log/samba/users/log-%U.log

         veto oplock files = /*.mdb/*.doc/*.xls/*.ppt/*.FIC/*.NDX/*.xlsx/
         guest account = nobody

         logon script = %G.bat
         logon path = \\svct02\profiles\%U
         load printers = no
         printcap name = /dev/null
         printcap cache time = 0

         idmap uid = 16777216-33554431
         idmap gid = 16777216-33554431
         template shell = /bin/false
         winbind use default domain = no

[... share definition...]

Thank's

*Philippe MALADJIAN
Responsable informatique | administrateur système*
Ligne directe : +33 (0)4 72 14 50 66 | pmaladjian at hilaire.fr 
<mailto:pmaladjian at hilaire.fr>

Hilaire s.a.s. <http://www.hilaire.fr> 	*HILAIRE s.a.s.*
203 - 205 rue Jean Voillot, 69100 Villeurbanne - France
Tél. : +33 (0)4 72 37 58 23 - Fax : +33 (0)4 78 26 02 03
http://www.hilaire.fr

Le 04/09/2018 à 17:19, Rowland Penny via samba a écrit :
> On Tue, 4 Sep 2018 11:05:10 +0200
> Philippe Maladjian via samba <samba at lists.samba.org> wrote:
>
>> Hello,
>>
>> I am working on the migration of our samba 3.5 domain controller
>> (redhat 5.7) with ldap backend to samba 4.5 on a new server (debian
>> 9.5).
>>
>> On the new server I transferred the smb.conf and all the contents of
>> the /var/lib/samba folder to a temporary folder /root/samba3.
>>
>> To start the migration I use the command:
>>
>> # samba-tool domain samba3upgrade --dbdir =/root/samba3/ --realm =
>> MYDOMAIN.LAN /root/samba3/smb.conf
>>
> Have you read this:
>
> https://wiki.samba.org/index.php/Migrating_a_Samba_NT4_Domain_to_Samba_AD_(Classic_Upgrade)
>
> You are running the wrong command.
>
> You do seem to have problems with your databases though:
>
> Severe DB error, sambaSamAccount can't miss the samba SIDattribute
>
> Can you post the smb.conf you are using for the upgrade.
>
> Rowland
>

More information about the samba mailing list