Hello All, I am trying to migrate samba from a box with Mandrake 10.1 with Samba 3.0.10 to a new box running CentOS 5.2 with Samba 3.0.28. The two versions of samba are too differnet to simply copy the config and tdb files over to the new box and the Mandrake box won't upgrade past 3.0.10. I could really use some suggestions. Thanks The problem when I do that is the Centos box with Samba 3.0.28 generates an schannel_store.tdb in the "private" dir when I attempt to login from a client machine. It allows the login but denies access to the users home dir on the samba server. In the schannel_store.tdb some machine info is placed similar to what you see in the secrets.tdb file. This causes problems with the client machines not being able to find the user profile...etc. I would like to fix this issue the "right way" whatever that is, instead of starting over and rejoining all the machines in the domain again. Any insights would be appreciated. Thanks. Greg
You should only ever need to copy your passdb.tdb and secrets.tdb file from the old system to the new. The rest of the files will be generated for you when you start smbd. The trick I've found is that often different versions and/ or distros store those tdb files in different places, i.e.: Mandriva likes /var/lib/samba or /var/lib/samba/private and Centos likes /etc/samba. So if you try to modify the tdbsam directive in your config file you only end up with 1/2 the solution, i.e. on CentOS set: passdb backend = tdbsam:/var/lib/samba/private/passdb.tdb This would return a valid looking output from pdbedit -Lv but all the passwords would be wrong because it's quietly still looking at the (empty) secrets.tdb in /etc/samba! Does it sould like I've been through this before? :) Anyway, what I've learned to do is: Make a backup copy of passdb.tdb and secrets.tdb Delete all the tdb files in /etc/samba /etc/samba/private /var/lib/samba and /var/lib/samba/private. Copy my smb.conf file, and set passwd backend=tdbsam in it. Run smbpasswd -a and look for the newly created passdb.tdb and secrets.tdb files. Shut Samba down, and replace those new files with my backup copies. Restart Samba. This will return valid output (i.e. your list of users and computers) from pdbedit -L, and their passwords will actually work. Hope this saves you some pain! Rubin On Mon, 2008-09-22 at 17:36 -0700, g s wrote:> Hello All, > > I am trying to migrate samba from a box with Mandrake 10.1 with Samba > 3.0.10 to a new box running CentOS 5.2 with Samba 3.0.28. The two > versions of samba are too differnet to simply copy the config and tdb > files over to the new box and the Mandrake box won't upgrade past > 3.0.10. I could really use some suggestions. Thanks > > The problem when I do that is the Centos box with Samba 3.0.28 generates > an schannel_store.tdb in the "private" dir when I attempt to login from a > client machine. It allows the login but denies access to the users home > dir on the samba server. In the schannel_store.tdb some machine info is > placed similar to what you see in the secrets.tdb file. This causes problems > with the client machines not being able to find the user profile...etc. I would > like to fix this issue the "right way" whatever that is, instead of starting over > and rejoining all the machines in the domain again. Any insights would be > appreciated. Thanks. > > > Greg > > > >-- ?Rubin Bennett RB Technologies http://thatitguy.com rbennett@thatitguy.com (802)223-4448 ?Think for yourselves and let others enjoy the privilege to do so, too. ~Voltaire
On Mon, 2008-09-22 at 17:36 -0700, g s wrote:> Hello All, > > I am trying to migrate samba from a box with Mandrake 10.1 with Samba > 3.0.10 to a new box running CentOS 5.2 with Samba 3.0.28. The two > versions of samba are too differnet to simply copy the config and tdb > files over to the new box and the Mandrake box won't upgrade past > 3.0.10. I could really use some suggestions. ThanksWhoops, sorry to all for the top post :( 50 lashes with a wet noodle for me... Rubin -- ?Rubin Bennett RB Technologies http://thatitguy.com rbennett@thatitguy.com (802)223-4448 ?Think for yourselves and let others enjoy the privilege to do so, too. ~Voltaire
----- Original Message ----
From: Rubin Bennett <rbennett@thatitguy.com>
To: samba list <samba@lists.samba.org>
Sent: Monday, September 22, 2008 5:48:15 PM
Subject: Re: [Samba] need migration/upgrade help
You should only ever need to copy your passdb.tdb and secrets.tdb file
from the old system to the new. The rest of the files will be generated
for you when you start smbd.
The trick I've found is that often different versions and/ or distros
store those tdb files in different places, i.e.: Mandriva
likes /var/lib/samba or /var/lib/samba/private and Centos
likes /etc/samba. So if you try to modify the tdbsam directive in your
config file you only end up with 1/2 the solution, i.e. on CentOS set:
passdb backend = tdbsam:/var/lib/samba/private/passdb.tdb
This would return a valid looking output from pdbedit -Lv but all the
passwords would be wrong because it's quietly still looking at the
(empty) secrets.tdb in /etc/samba! Does it sould like I've been through
this before? :)
Anyway, what I've learned to do is:
Make a backup copy of passdb.tdb and secrets.tdb
Delete all the tdb files in /etc/samba /etc/samba/private /var/lib/samba
and /var/lib/samba/private.
Copy my smb.conf file, and set
passwd backend=tdbsam
in it.
Run smbpasswd -a and look for the newly created passdb.tdb and
secrets.tdb files.
Shut Samba down, and replace those new files with my backup copies.
Restart Samba.
This will return valid output (i.e. your list of users and computers)
from pdbedit -L, and their passwords will actually work.
Hope this saves you some pain!
Rubin
On Mon, 2008-09-22 at 17:36 -0700, g s wrote:> Hello All,
>
> I am trying to migrate samba from a box with Mandrake 10.1 with Samba
> 3.0.10 to a new box running CentOS 5.2 with Samba 3.0.28. The two
> versions of samba are too differnet to simply copy the config and tdb
> files over to the new box and the Mandrake box won't upgrade past
> 3.0.10. I could really use some suggestions. Thanks
>
> The problem when I do that is the Centos box with Samba 3.0.28 generates
> an schannel_store.tdb in the "private" dir when I attempt to
login from a
> client machine. It allows the login but denies access to the users home
> dir on the samba server. In the schannel_store.tdb some machine info is
> placed similar to what you see in the secrets.tdb file. This causes
problems
> with the client machines not being able to find the user profile...etc. I
would
> like to fix this issue the "right way" whatever that is, instead
of starting over
> and rejoining all the machines in the domain again. Any insights would be
> appreciated. Thanks.
>
>
> Greg
>
>
>
>
--
?Rubin Bennett
RB Technologies
http://thatitguy.com
rbennett@thatitguy.com
(802)223-4448
?Think for yourselves and let others enjoy the privilege to do so, too.
~Voltaire
Rubin,
Ok...that makes sense, thank you for the very thorough explination. I was
thinking of just backing up the smbpasswd and secrets.tdb files, although the
docs also say to copy certain .tdb files, in my case, from the /var/cache/samba
dir. But this is beside the point. I was wondering how your description would be
different with an smbpasswd backend. Since I am not using the tdbsam backend.
Just do the same as described above and replace the generated smbpasswd and
secrets.tdb files? Thanks again!
Greg Strohecker
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba
----- Original Message ----
From: Rubin Bennett <rbennett@thatitguy.com>
To: samba list <samba@lists.samba.org>
Sent: Monday, September 22, 2008 5:48:15 PM
Subject: Re: [Samba] need migration/upgrade help
You should only ever need to copy your passdb.tdb and secrets.tdb file
from the old system to the new. The rest of the files will be generated
for you when you start smbd.
The trick I've found is that often different versions and/ or distros
store those tdb files in different places, i.e.: Mandriva
likes /var/lib/samba or /var/lib/samba/private and Centos
likes /etc/samba. So if you try to modify the tdbsam directive in your
config file you only end up with 1/2 the solution, i.e. on CentOS set:
passdb backend = tdbsam:/var/lib/samba/private/passdb.tdb
This would return a valid looking output from pdbedit -Lv but all the
passwords would be wrong because it's quietly still looking at the
(empty) secrets.tdb in /etc/samba! Does it sould like I've been through
this before? :)
Anyway, what I've learned to do is:
Make a backup copy of passdb.tdb and secrets.tdb
Delete all the tdb files in /etc/samba /etc/samba/private /var/lib/samba
and /var/lib/samba/private.
Copy my smb.conf file, and set
passwd backend=tdbsam
in it.
Run smbpasswd -a and look for the newly created passdb.tdb and
secrets.tdb files.
Shut Samba down, and replace those new files with my backup copies.
Restart Samba.
This will return valid output (i.e. your list of users and computers)
from pdbedit -L, and their passwords will actually work.
Hope this saves you some pain!
Rubin
--
?Rubin Bennett
RB Technologies
http://thatitguy.com
rbennett@thatitguy.com
(802)223-4448
?Think for yourselves and let others enjoy the privilege to do so, too.
~Voltaire
On Mon, 2008-09-22 at 17:36 -0700, g s wrote:> Hello All,
>
> I am trying to migrate samba from a box with Mandrake 10.1 with Samba
> 3.0.10 to a new box running CentOS 5.2 with Samba 3.0.28. The two
> versions of samba are too differnet to simply copy the config and tdb
> files over to the new box and the Mandrake box won't upgrade past
> 3.0.10. I could really use some suggestions. Thanks
>
> The problem when I do that is the Centos box with Samba 3.0.28 generates
> an schannel_store.tdb in the "private" dir when I attempt to
login from a
> client machine. It allows the login but denies access to the users home
> dir on the samba server. In the schannel_store.tdb some machine info is
> placed similar to what you see in the secrets.tdb file. This causes
problems
> with the client machines not being able to find the user profile...etc. I
would
> like to fix this issue the "right way" whatever that is, instead
of starting over
> and rejoining all the machines in the domain again. Any insights would be
> appreciated. Thanks.
>
>
> Greg
>
>
>
>
Woops...my yahoo decided to include my last post in your signature. In case it
was missed, here it is:
Rubin,
Ok...that makes sense, thank you for the very thorough
explination. I was thinking of just backing up the smbpasswd and
secrets.tdb files, although the docs also say to copy certain .tdb
files, in my case, from the /var/cache/samba dir. But this is beside
the point. I was wondering how your description would be different with
an smbpasswd backend. Since I am not using the tdbsam backend. Just do
the same as described above and replace the generated smbpasswd and
secrets.tdb files? Thanks again!
Greg Strohecker