samba - Aug 2004 - Problem migrating PDC from one machine to another

Hi all,
looking for a wee bit of help here.

I've inherited 2 samba servers both running 2.2.7

Server 1, due to be pensioned off os the PDC and currently supports roaming 
profiles printing, home directories and an ldap service.

Server 2 is the all singing all dancing new server that houses all the 
other directories used by our users.

once we're down to 1 server the plan is to move to 3.0.x

As part of the phasing out of server 1, i want to swap the servers round so 
that server 2 is the primary PDC and server 1 is just a domain member 
server.Once this is done I can remove the remaining services on serve 1 and 
switch it off.


So ...

1). Create profiles directory on new server and copy across the profiles 
form old server

2). Modify the global section of the smb.conf file to have:-
        workgroup = WORKGROUP
        netbios name = DREAM
        server string = Dream File Server
        security = domain
        password server = DREAM
        encrypt passwords = Yes
        interfaces = 127.0.0.1/24 x.x.x.x/24
        bind interfaces only = Yes
        log file = /var/log/dream/%m
        log level = 1
        max log size = 50
        deadtime = 55
        os level = 64
        wins support = Yes
        hide files = /lost+found/
        time server = Yes
        deadtime = 55

        character set = ISO8859-1
        domain admin group = <these users>
        logon script = STARTUP.BAT
        logon path = \\%L\profiles\%U
        logon drive = H:
#       logon home = \\%L\%U\profile
        logon home = \\dream\%U
        domain logons = Yes
        os level = 64
        preferred master = Yes
        local master = yes
        domain master = Yes
        dns proxy = No
        valid chars = 0xa0 0xa1 0xa2 0xa3 0xa4 0xa5 0xa6 0xa7 0xa8 0xa9 
0xaa 0xa
b 0xac 0xad 0xae 0xaf 0xb0 0xb1 0xb2 0xb3 0xb4 0xb5 0xb6 0xb7 0xb8 0xb9 
0xba 0xb
b 0xbc 0xbd 0xbe 0xbf 0xc0:0xe0 0xc1:0xe1 0xc2:0xe2 0xc3:0xe3 0xc4:0xe4 
0xc5:0xe
5 0xc6:0xe6 0xc7:0xe7 0xc8:0xe8 0xc9:0xe9 0xca:0xea 0xcb:0xeb 0xcc:0xec 
0xcd:0xe
d 0xce:0xee 0xcf:0xef 0xd0:0xf0 0xd1:0xf1 0xd2:0xf2 0xd3:0xf3 0xd4:0xf4 
0xd5:0xf
5 0xd6:0xf6 0xd7 0xf7 0xd8:0xf8 0xd9:0xf9 0xda:0xfa 0xdb:0xfb 0xdc:0xfc 
0xdd:0xf
d 0xde:0xfe 0xdf 0xff
        inherit permissions = Yes
        hide files = /lost+found/

3). Copy smbpasswd, secrets.tdb and smbusers from old server/etc/samba  to 
new server/etc/samba

4). shutdown Server 1 smbd/nmbd process for the time being

5). Stop/start Server 2 smbd/nmbd

6). Reboot a local network xp client and try to log onto the server. 
Everything works except that the client is unable to get hold of its 
roaming profile and uses a local copy.Other than that , I can log on and 
all my drive mapings are there.

7). Looking at the nmbd on Server 2 it has started with -D REMOTEHOST=<name 
of serve 1> HOSTNAME=<name of server 2>

8). The one running on Server 1 just had HOSTNAME=<name of server 1> ( 
prior to step 4)

9). Looking through the client log on server 2 I see

[2004/08/10 20:47:33, 1] 
smbd/password.c:connect_to_domain_password_server(1266)
  connect_to_domain_password_server: Password server loop - not using 
password server DREAM
[2004/08/10 20:47:33, 0] smbd/password.c:domain_client_validate(1599)
  domain_client_validate: Domain password server not available.

Which seems reasonable as the nmbd process on serve 2 seems to be trying to 
use Server 1 which isn't there.

So what am i missing here? What to I need to configure/copy from Server 1 
to Server 2 to enable the domain authentication to happen on Serve2 2 ?

TIA
Alex

Sent using Mulberry 3.1.2

On Aug 12, 2004, at 7:57 AM, Alex Sharaz wrote:
> 3). Copy smbpasswd, secrets.tdb and smbusers from old server/etc/samba 
>  to new server/etc/samba
Don't copy the secrets.tdb, most of the information in secrets.tdb is 
server specific.  The information piece of information in the file is 
the domain SID.  So preform the upgrade just like a real MS domain.  
Join Server 2 to the domain, so it has the correct domain SID, then 
edit it's config to make it a the domain master.  At this point you can 
either edit the config on Server 1 and demote it to a normal domain 
server or simply turn it off.

Hope that helps,
Derek

Isn't sanity just a one-trick pony anyway? I mean, all you get is that 
one trick, rational thinking, but when you're good and crazy, well, the 
sky's the limit!
"The Tick (comic book)"
-------------- next part --------------
A non-text attachment was scrubbed...
Name: PGP.sig
Type: application/pgp-signature
Size: 186 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba/attachments/20040819/ddbfe070/PGP.bin