samba - Sep 2004 - Upgrade Novell 4.11 to Samba 3.0.7 wisdom needed

Has anybody done such a thing as this?  I'm looking to make this transition
as
smooth as possible.  I have the new fileserver up and running, and I'm using
rsync to keep the Novell data current on the Samba server.  Any words of 
advice on transferring the users and groups and permissions over to the new 
server in the least painful way possible?  I have some idea that Novell uses 
LDAP so that I should be able do it somehow.  I don't want to screw this 
upgrade up, and any help would be appreciated.  I am hoping someone has 
already done it before and has written a Howto or something about it.

Thanks,
Misty

Hello,
I didn't think that Novell 4.11 used LDAP but could be wrong. Later versions
use
LDAP with their schema extensions. I went from Novell 5.1 to Samba 3.0.0. I
moved users a little at a time removing the Novell client from client machines
and reconfiguring networking. Since I am with a school system the HS students
are dumped at the end of the year and accounts recreated in the fall. It was a
difficult process but I feel worth it.

Kent N


Misty Stanley-Jones <misty@borkholder.com> wrote:
> Has anybody done such a thing as this?  I'm looking to make this
transition as
> smooth as possible.  I have the new fileserver up and running, and I'm
using
> rsync to keep the Novell data current on the Samba server.  Any words of 
> advice on transferring the users and groups and permissions over to the new
> server in the least painful way possible?  I have some idea that Novell
uses
> LDAP so that I should be able do it somehow.  I don't want to screw
this
> upgrade up, and any help would be appreciated.  I am hoping someone has 
> already done it before and has written a Howto or something about it.
> 
> Thanks,
> Misty
> -- 
> To unsubscribe from this list go to the following URL and read the
> instructions:  http://lists.samba.org/mailman/listinfo/samba
>

On 21 Sep 2004 , Misty Stanley-Jones entreated about
 "[Samba] Upgrade Novell 4.11 to Samba 3.0.7 wisdom":

} Has anybody done such a thing as this?  I'm looking to make this
} transition as smooth as possible.  I have the new fileserver up and

I'm busy replacing a Netware 3.12 box.... with FreeBSD 5.2.1 and 
Samba 3.0.7

} running, and I'm using rsync to keep the Novell data current on the

3.12 won't do fancy stuff like that, and when I tried to use 
mount_nwfs I rather successfully locked up the BSD box completely.  
through several tries with different configs.  so I'll be 
transferring data via a PC with mappings to both systems...

} Samba server.  Any words of advice on transferring the users and groups
} and permissions over to the new server in the least painful way
} possible?  I have some idea that Novell uses LDAP so that I should be

My system needs a makeover so I'm not transferring so much as re-
engineering, so can't help you much.   I'm creating new groups to 
mirror some of the existing Novell groups, dropping some, and adding 
others.  My big hurdle at the moment is figuring a way round the 
sheer versatility I had on the Novell box....
ie, have a volume named 'graf'
a folder on that is assigned to software pacakge X users
another folder is assigned to software package Y users
drive mappings to the relevant folder are done via group membership.

and I can't think of a way to do that with Samba in a way that allos 
X users to see only X, and Y users to see only Y, yet retaining a 
singel drive letter for those who are in both groups....

} able do it somehow.  I don't want to screw this upgrade up, and any
} help would be appreciated.  I am hoping someone has already done it
} before and has written a Howto or something about it.

I'm thinking of putting it all down on paper when I've got it 
working.... don't hold your breath, I suspect I'll be way too busy 
for a while yet...


--
       DA Fo rsyth            Network Supervisor
Principal Technical Officer  -- Institute for Water Research
http://www.ru.ac.za/institutes/iwr/

Hello, 
I ran into this problem in the past but have since resolved group issues. 
First of all I am currently using: 
RedHat 8.0 
OpenLDAP 2.1.30 
Berkeley DB 4.2.52 LDAP backend 
Samba 3.0.0 
(1) PDC (5) BDC many, (1) master OpenLDAP (6) slave OpenLDAP 
These reside in different buildings around town. 
 
All groups and users exist in the LDAP directory, there are only a few local 
user accounts. I used authconfig to move authentication to LDAP where each 
server has a copy of the directory. You should also add a line to system-auth: 
account     sufficient    /lib/security/pam_localuser.so 
 
This allows logon to a local account in the event LDAP is down. 
 
In smb.conf in the netlogon share I have: 
 
[netlogon] 
        comment = Netlogon share 
        root preexec = /usr/local/samba/netlogon/prelogon.pl %U 
        path = /usr/local/samba/netlogon 
        locking = no 
        browseable = no 
        read only = yes 
        hide files = /*.dll/*.rap/*.kix/*.bat/*.pl/ 
 
The prelogon.pl creates individual batch files for the user based on group 
membership. Here is some of prelogon.pl: 
 
#!/usr/bin/perl 
$user = $ARGV[0]; 
$groups = `/usr/bin/groups $user`; 
chomp $groups; 
open (LOGON,">/usr/local/samba/netlogon/$user.bat"); 
# 
# Cafeteria maps 
# 
if ($groups =~ m/whs-cafe/ ) { 
print LOGON "net use q: \\\\whs1\\cafeteria /yes\r\n"; 
} 
f ($groups =~ m/whsstaff/ ) { 
print LOGON "net use s: \\\\whs1\\staff /yes\r\n"; 
print LOGON "net use p: \\\\whs1\\common /yes\r\n"; 
} 
close (LOGON); 
 
The first part of the logon process calls either an assigned script that is in 
LDAP or the default that is in smb.conf. Here is the default whs1.bat: 
 
net time \\whs1 /set /y 
rem \\whs1\pca\PCAnalyser.exe /ignore all 
NNN0XXXXXX1PNN535495%apppath%\netdiscover\%computername%.pca 
net use H: /HOME /yes 
net use x: \\whs1\netlogon 
net use p: \\whs1\programs 
x: 
x:\wkix32.exe whs1.kix 
 
This calls a kixtart script processor script whs1.kix that does stuff based on 
OS: 
 
CLS 
x: 
CD \ 
If @PRODUCTTYPE = "Windows 95" 
        Shell "w9x.bat" 
        Shell "@USERID.bat" 
EndIf 
If @PRODUCTTYPE = "Windows 98" 
        Shell "w9x.bat" 
        Shell "@USERID.bat" 
EndIf 
If @PRODUCTTYPE = "Windows 2000 Professional" 
        Shell "@USERID.bat" 
        Shell "\\whs1\netlogon\runasp.exe whs1xp.rap" 
EndIf 
If @PRODUCTTYPE = "Windows XP Home Edition" 
        Shell "@USERID.bat" 
        Shell "\\whs1\netlogon\runasp.exe whs1xp.rap" 
EndIf 
If @PRODUCTTYPE = "Windows XP Professional" 
        Shell "@USERID.bat" 
        Shell "\\whs1\netlogon\runasp.exe whs1xp.rap" 
EndIf 
EXIT 
 
The USERID.bat was the batch file created by prelogon.pl. The additional batch 
file and runasp.exe are used to update virus definitions. 
 
Since everything is located in the netlogon directory I sync these at night 
with rsync. If a person from one building logons into the system in another 
building they get the correct drive mappings based on group membership. Their 
logon script exists in LDAP and group membership used by prelogon.pl comes 
from LDAP which is common to all servers. 
 
Hope this helps.  
 
 
Kent N 
 
iwrTech@iwr.ru.ac.za wrote:  
> On 21 Sep 2004 , Misty Stanley-Jones entreated about 
>  "[Samba] Upgrade Novell 4.11 to Samba 3.0.7 wisdom": 
>  
> } Has anybody done such a thing as this?  I'm looking to make this 
> } transition as smooth as possible.  I have the new fileserver up and 
>  
> I'm busy replacing a Netware 3.12 box.... with FreeBSD 5.2.1 and  
> Samba 3.0.7 
>  
> } running, and I'm using rsync to keep the Novell data current on the 
>  
> 3.12 won't do fancy stuff like that, and when I tried to use  
> mount_nwfs I rather successfully locked up the BSD box completely.   
> through several tries with different configs.  so I'll be  
> transferring data via a PC with mappings to both systems... 
>  
> } Samba server.  Any words of advice on transferring the users and groups 
> } and permissions over to the new server in the least painful way 
> } possible?  I have some idea that Novell uses LDAP so that I should be 
>  
> My system needs a makeover so I'm not transferring so much as re- 
> engineering, so can't help you much.   I'm creating new groups to  
> mirror some of the existing Novell groups, dropping some, and adding  
> others.  My big hurdle at the moment is figuring a way round the  
> sheer versatility I had on the Novell box.... 
> ie, have a volume named 'graf' 
> a folder on that is assigned to software pacakge X users 
> another folder is assigned to software package Y users 
> drive mappings to the relevant folder are done via group membership. 
>  
> and I can't think of a way to do that with Samba in a way that allos  
> X users to see only X, and Y users to see only Y, yet retaining a  
> singel drive letter for those who are in both groups.... 
>  
> } able do it somehow.  I don't want to screw this upgrade up, and any 
> } help would be appreciated.  I am hoping someone has already done it 
> } before and has written a Howto or something about it. 
>  
> I'm thinking of putting it all down on paper when I've got it  
> working.... don't hold your breath, I suspect I'll be way too busy
> for a while yet... 
>  
>  
> -- 
>        DA Fo rsyth            Network Supervisor 
> Principal Technical Officer  -- Institute for Water Research 
> http://www.ru.ac.za/institutes/iwr/ 
>  
>  
>  
> --  
> To unsubscribe from this list go to the following URL and read the 
> instructions:  http://lists.samba.org/mailman/listinfo/samba 
>