[Samba] security = ads, backend = ad parameter not working in samba 4.10.10
Sérgio Basto
sergio at serjux.com
Thu Dec 5 19:08:11 UTC 2019
On Thu, 2019-12-05 at 18:34 +0000, Rowland penny via samba wrote:
> On 05/12/2019 17:48, Sérgio Basto wrote:
> > I did migration with something like this :
> >
> > ldbsearch -H /opt/samba/private/sam.ldb -s sub -b
> > dc=old_ad,dc=local
> > '(objectClass=user)' > user-export2.ldif
> > scp user-export2.ldif to_the_new_machine:
> >
> > in new machine :
> >
> > sed -i 's/DC=old_ad/DC=corp/g; s/old_ad.local/corp.local/g' user-
> > export2.ldif
> > sed -i bla bla user-export2.ldif
> >
> > ldbmodify -H /var/lib/samba/private/sam.ldb --
> > controls=local_oid:1.3.6.1.4.1.7165.4.3.12:0 user-export2.ldif
> >
> Sorry, but it is more involved than that, you should have joined a
> new
> DC, then demoted the old DC, you might have had to do this a few
> times
> to move from Samba 4.x.x to a supported Samba version.
>
> I am very surprised that this worked in any way at all.
I did a new AD with a new name.
Samba 4.0.0 don't have demote , I move from a Sernet software to a free
and open software in Centos 7 (I use RedHat flavor since 2001) .
I just migrate the users and his password nothing more ... I had to
remove a lot of fields, OU(s) etc for example: [1] .
And is working very well, I'm very happy, yesterday I upgrade all DC(s)
to samba 4.10.10 and it was very smooth .
And well, I want add a new uidNumber and gidNumber to every user and
group in AD , how I can do that ? to use backend = ad , I want use
backend = ad .
Thank you.
[1]
sed -i
'/^instanceType/d;/^whenCreated/d;/^whenChanged/d;/^uSNCreated/d;/^uSNC
hanged/d;/^objectGUID/d;/^codePage/d;/^countryCode/d;/^pwdLastSet/d;/^p
rimaryGroupID/d;/^objectSid/d;/^sAMAccountType/d;/^sAMAccountType/d;/^l
ockoutTime/d;/^isCriticalSystemObject/d' user-exporttest.ldif
> Rowland
>
>
>
>
--
Sérgio M. B.
More information about the samba
mailing list