thr3ads.net - samba - [Samba] migrating samba 2.2.8a PDC to 3.0.12 SID problem [Jul 2005]

If this information is useful, please help other people find it:
Share via:

aux

2005-Jul-07 14:44 UTC

[Samba] migrating samba 2.2.8a PDC to 3.0.12 SID problem

hi, i'm trying to migrate my samba 2.2.8a pdc to 3.0.12 pdc. I'm using 
ldap and i have already migrated all the data. Also i have executed 
convertSambaAccount for the new schema.

My problem is that I cannot set the old SID (samba 2.2.8) to the new 
samba 3.0.12 for that the clients can authentificate to pdc server.

samba2.2.8> smbpasswd -S LDAP
Successfully set domain SID to S-1-5-21-3984604316-2900431957-2958281145

samba3.0.12> net getlocalsid
SID for domain LDAP is: S-1-5-21-1591861398-1194458383-959792778

samba3.0.12> net setlocalsid S-1-5-21-3984604316-2900431957-2958281145
samba3.0.12> net getlocalsid
SID for domain LDAP is: S-1-5-21-1591861398-1194458383-959792778

why? the new SID does not keep

The smb.conf is the same, and i also run the command smbpasswd -w

My smb.conf (3.0.12):

         workgroup = LDAP
         server string = LDAP SERVER
         os level = 128
         time server = Yes
         unix extensions = Yes
         encrypt passwords = Yes
         add user script = /etc/samba/idealx/smbldap-useradd -m "%u"
         add machine script = /etc/samba/idealx/smbldap-useradd -w
"%u"
         add group script = /etc/samba/idealx/smbldap-groupadd -p "%g"
         add user to group script = /etc/samba/idealx/smbldap-groupmod 
-m "%u" "%g"
         delete user from group script = 
/etc/samba/idealx/smbldap-groupmod -x "%u" "%g"
         set primary group script = /etc/samba/idealx/smbldap-usermod -g 
"%g" "%u"
         username map = /etc/samba/smbusers
         map to guest = Bad User
         include = /etc/samba/dhcp.conf
         logon path = \\%L\profiles\.msprofile
         logon home = \\%L\%U\.9xprofile
         logon drive = P:
         ;LDAP
         passdb backend = ldapsam:"ldap://127.0.0.1"
         ldap suffix = o=myroot
         ldap admin dn = cn=Manager, o=myroot
         ldap ssl = No
         hosts allow = 192.168. 127. localhost
         local master = yes
         preferred master = yes
         domain master = yes
         domain logons = yes
	[...]

thanks

John H Terpstra

2005-Jul-07 15:11 UTC

head link

[Samba] migrating samba 2.2.8a PDC to 3.0.12 SID problem

On Thursday 07 July 2005 08:43, aux wrote:> hi, i'm trying to migrate my samba 2.2.8a pdc to 3.0.12 pdc. I'm
using
> ldap and i have already migrated all the data. Also i have executed
> convertSambaAccount for the new schema.
Have you followed the guidance in the Samba Update section (chapter 8) of the 
book "Samba-3 by Example"?

Your copy is waiting for you at:
http://www.samba.org/samba/docs/Samba3-ByExample.pdf

I'd like to know of any shortcomings or deficiencies in this chapter.

Thanks.

- John T.
>
> My problem is that I cannot set the old SID (samba 2.2.8) to the new
> samba 3.0.12 for that the clients can authentificate to pdc server.
>
> samba2.2.8> smbpasswd -S LDAP
> Successfully set domain SID to S-1-5-21-3984604316-2900431957-2958281145
>
> samba3.0.12> net getlocalsid
> SID for domain LDAP is: S-1-5-21-1591861398-1194458383-959792778
>
> samba3.0.12> net setlocalsid S-1-5-21-3984604316-2900431957-2958281145
> samba3.0.12> net getlocalsid
> SID for domain LDAP is: S-1-5-21-1591861398-1194458383-959792778
>
> why? the new SID does not keep
>
> The smb.conf is the same, and i also run the command smbpasswd -w
>
> My smb.conf (3.0.12):
>
>          workgroup = LDAP
>          server string = LDAP SERVER
>          os level = 128
>          time server = Yes
>          unix extensions = Yes
>          encrypt passwords = Yes
>          add user script = /etc/samba/idealx/smbldap-useradd -m
"%u"
>          add machine script = /etc/samba/idealx/smbldap-useradd -w
"%u"
>          add group script = /etc/samba/idealx/smbldap-groupadd -p
"%g"
>          add user to group script = /etc/samba/idealx/smbldap-groupmod
> -m "%u" "%g"
>          delete user from group script >
/etc/samba/idealx/smbldap-groupmod -x "%u" "%g"
>          set primary group script = /etc/samba/idealx/smbldap-usermod -g
> "%g" "%u"
>          username map = /etc/samba/smbusers
>          map to guest = Bad User
>          include = /etc/samba/dhcp.conf
>          logon path = \\%L\profiles\.msprofile
>          logon home = \\%L\%U\.9xprofile
>          logon drive = P:
>          ;LDAP
>          passdb backend = ldapsam:"ldap://127.0.0.1"
>          ldap suffix = o=myroot
>          ldap admin dn = cn=Manager, o=myroot
>          ldap ssl = No
>          hosts allow = 192.168. 127. localhost
>          local master = yes
>          preferred master = yes
>          domain master = yes
>          domain logons = yes
> 	[...]
>
> thanks
-- 
John H Terpstra
Samba-Team Member
Phone: +1 (650) 580-8668

Author:
The Official Samba-3 HOWTO & Reference Guide, ISBN: 0131453556
Samba-3 by Example, ISBN: 0131472216
Hardening Linux, ISBN: 0072254971
Other books in production.

Reasonably Related Threads

Search for more maybe matching threads

samba - Jul 2005 - migrating samba 2.2.8a PDC to 3.0.12 SID problem

[Samba] migrating samba 2.2.8a PDC to 3.0.12 SID problem

[Samba] migrating samba 2.2.8a PDC to 3.0.12 SID problem

Reasonably Related Threads