[Samba] Moving users from a Samba 3.6 to 4.9 (tdb)
L.P.H. van Belle
belle at bazuin.nl
Fri Oct 9 06:58:40 UTC 2020
Yes, without full config this is hard to analyze..
Smb.conf maybe some logs parts if there is something in the logs..
Now, TP starter said.
> I copied system users and group, then /var/lib/samba/*.tdb
Here im pointing to the "users" and "groups"
What exactly did you copy? Only the passwd and groups ?
Did you make sure you only copied the UID/GIDS above 1000?
Because the numbers below it do change per install.
You also know there is a "shadow" file?
Did you test if you can login with the copies users ( if allowed and needed )
These are the important once..
groups and memberships: /etc/group
group passwords: /etc/gshadow
This one has a good and valid set to move accounts.
Debian and Ubuntu Linux : Default is 1000 and upper limit is 29999 (/etc/adduser.conf).
Only that part, the upper limit is now 59999
And have you seen?
I dont think the underlaying problem here is samba, but how its copied.
I say review above with the steps you did, you missed something. ( but thats clear already ) :-/
> -----Oorspronkelijk bericht-----
> Van: samba [mailto:samba-bounces at lists.samba.org] Namens
> Rowland penny via samba
> Verzonden: donderdag 8 oktober 2020 19:32
> Aan: sambalist
> Onderwerp: Re: [Samba] Moving users from a Samba 3.6 to 4.9 (tdb)
> On 08/10/2020 17:49, Emmanuel Florac wrote:
> > Le Thu, 8 Oct 2020 17:37:38 +0100
> > Rowland penny via samba <samba at lists.samba.org> écrivait:
> >> On 08/10/2020 17:25, Emmanuel Florac via samba wrote:
> >>> But it's not a domain, no LDAP, no AD. Just a standalone server,
> >>> migrating to another standalone server. Should I do
> something using
> >>> Samba tool?
> >> No, samba-tool is only used with AD.
> >> As far as I am aware, the standalone server hasn't changed
> that much
> >> between 3.6 and 4.9 (both of which are EOL as far as Samba is
> >> concerned), so your method probably should have worked.
> >> What OS are you using ?
> > Debian, the old server running Debian 7 and the new one Debian 10
> > (current stable).
> >> Have you checked the file ownership on the files you copied ?
> > Yes, they belong to root, 600 access rights on both systems.
> >> What is in your smb.conf ?
> >> I take it that it isn't so much getting Samba to work, it
> is the file
> >> ownership.
> > The smb.conf are quite different, because the old one
> doesn't work out
> > of the box with the new machine.
> > The main differences are:
> > old box:
> > winbind separator = +
> > winbind enum users = yes
> > winbind enum groups = yes
> > winbind cache time = 10
> > idmap uid = 10000-20000
> > idmap gid = 10000-20000
> > (no idmap or winbind custom settings on the new one)
> > Old box :
> > unix password sync = false
> > New:
> > unix password sync = true
> > Maybe that's the culprit? I don't really know what this
> setting does.
> You do not normally run winbind on standalone server, so I think you
> need to post the [global] portion of your old smb.conf, so we
> can find
> out just what you are running.
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/options/samba
More information about the samba