On Fri, 2004-04-02 at 05:05, Scott Hanson wrote:> Hello,
>
> I have inherited a samba-tng PDC (without ldap) that I am to upgrade to
> samba 3. My first attempt failed miserably. I copied over the smbpasswd
> and the domain SID, users were able to log in, but most were not able to
> load their profiles.
>
> I think I have to copy over machine IDs, but I'm not sure how to
> proceed. The migration section of the the howto doesn't seem to apply
to
> tng at all. Any tips or pointers on how to proceed?
The problem is almost certainly that the the RID portion of thier SID
has changed.
This is because Samba-TNG sets it's algorithmic rid system to use:
/* Take the bottom bits. */
#define RID_MULTIPLIER 4
Samba.org has always used a value of 2. To fix this, figure out the
user's real RID
== (uid * RID_MULTIPLIER)+1000
and move your passdb to LDAP (pdb_ldap), where you can set the value
explicitly (sambaSid). Samba 3.0 will then honour the existing SIDs, in
the same way is honours sids from an NT domain migration.
Andrew Bartlett
--
Andrew Bartlett abartlet@pcug.org.au
Manager, Authentication Subsystems, Samba Team abartlet@samba.org
Student Network Administrator, Hawker College abartlet@hawkerc.net
http://samba.org http://build.samba.org http://hawkerc.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url :
http://lists.samba.org/archive/samba/attachments/20040402/7a8404ca/attachment.bin