Daniel Morlock
2005-Oct-24 16:05 UTC
[Samba] Samba 3.0.14a-Debian, MySQL Backend, Migration Problem
Hi, I have an old system running Samba 3 with default passwd backend for about 30 users. Not I set up a new Samba 3.0.14a with mysql backend on another machine. I'd like to migrate the users from old system to the new system! I read through the official Samba HOWTOS and googled, but no useful concept of migration found. At the weekend I tested the following concept: - Configure the new server as BDC for the old server => Join the domain: "net rpc join -S OLD_SERVER -w DOMNAME -U Administrator%passwd" => Get the local SID with: "net rcp getsid" => Sync the old /var/lib/samba with the new /var/lib/samba => Sync the shared data and profiles => Sync /etc/passwd /etc/samba/smbpasswd /etc/group (Note: I decided to set up a default passwd backend, and if this is running, I change to mysql backend) After I changed the smb.conf I restarted the servers and I become the message from BDC: "become domain logon server for DOMAIN". The testparm script tells me, that the smb.conf is set up correctly and it returns: Server role: ROLE_DOMAIN_BDC. A quick test was successful, I can login / logout from a domain user account on a windows xp station. Now I want to deactivate the old server and login with only the new server, so I shutdown the old server. A further login is working, BUT: I can login / logout without problems, so the authentification with BDC only is working! But I get the windows error message, that the group and user policies are wrong and therefore windows creates a new local profile. So my questions: - Have someone an idea to fix this problem? - Make my concept sense or does someone has a better concept? I hope you can help me with my problem. Regards, Daniel Morlock
John T Benedetto
2005-Oct-24 16:12 UTC
[Samba] Samba 3.0.14a-Debian, MySQL Backend, Migration Problem
Afraid I can't help you, but I'm dying to know: *WHY* the MySQL backend? I was wondering what compelling reason you might have to create a setup that way? Curious, john in albuquerque On Mon, 24 Oct 2005 18:06:26 +0200 "Daniel Morlock" <daniel.morlock@morpheus-network.de> wrote:> Hi, > > I have an old system running Samba 3 with default passwd >backend for about > 30 users. Not I set up a new Samba 3.0.14a with mysql >backend on another > machine.
Collen Blijenberg
2005-Oct-26 07:19 UTC
[Samba] Samba 3.0.14a-Debian, MySQL Backend, Migration Problem
This would be a nice feature for future releases of samba. to be able to make a dump of your users/machine accounts. let's say an import/export function of user & machine account.. it let's you migrate from differend passwd backend easely.. dunno just trying to help here, with some ideas.. Greets Collen Daniel Morlock wrote:> Hi, > > I have an old system running Samba 3 with default passwd backend for about > 30 users. Not I set up a new Samba 3.0.14a with mysql backend on another > machine. I'd like to migrate the users from old system to the new system! I > read through the official Samba HOWTOS and googled, but no useful concept of > migration found. > > At the weekend I tested the following concept: > > - Configure the new server as BDC for the old server > => Join the domain: "net rpc join -S OLD_SERVER -w DOMNAME -U > Administrator%passwd" > => Get the local SID with: "net rcp getsid" > => Sync the old /var/lib/samba with the new /var/lib/samba > => Sync the shared data and profiles > => Sync /etc/passwd /etc/samba/smbpasswd /etc/group (Note: I decided to > set up a default passwd backend, and if this is running, I change to mysql > backend) > > After I changed the smb.conf I restarted the servers and I become the > message from BDC: "become domain logon server for DOMAIN". The testparm > script tells me, that the smb.conf is set up correctly and it returns: > Server role: ROLE_DOMAIN_BDC. > > A quick test was successful, I can login / logout from a domain user account > on a windows xp station. Now I want to deactivate the old server and login > with only the new server, so I shutdown the old server. A further login is > working, BUT: > > I can login / logout without problems, so the authentification with BDC only > is working! But I get the windows error message, that the group and user > policies are wrong and therefore windows creates a new local profile. > > So my questions: > - Have someone an idea to fix this problem? > - Make my concept sense or does someone has a better concept? > > I hope you can help me with my problem. > Regards, > > Daniel Morlock >