peter pilsl
2007-Jan-09 12:28 UTC
[Samba] migrate old samba2.2.8 - smbpasswd to new samba3.0 - ldap - based
I'm just migrating a medium sambainstallation from old samba2.2.8 to new samba 3.0. The server is acting as PDC and there is no BDC. The new samba is based on LDAP and is already successfully tested. Now I need to transfer the whole old smbpasswd to the new ldap-style to convert users and machines with minimal effort. Especially I dont want to break the relations between the machines and the server (otherwise I would need to run to 80 machines and rejoin the new domain ....) and the user-auth. There is a NTPassword and a LMPassword in the new LDAP-structure and there are two similar numbers in the old smbpasswd-file. Is this the same? Can I just transfer this hashes for users and machines and everything is fine? And whats with the PrimaryGroupSID thats needed in the LDAP-structure (like S-1-5-21-669212683-4259385398-1987947194-513) - I couldnt find this in the old smbpasswd-structure? Can I just set this on my own? As you see I'm at the state of shooting in the dark and fiddling and trying around. Any insight would be greatly appretiated. thnx peter -- mag. peter pilsl - goldfisch.at IT-Consulting Tel: +43-650-3574035 Tel: +43-1-8900602 Fax: +43-1-8900602-15 skype: peter.pilsl pilsl@goldfisch.at www.goldfisch.at
Felipe Augusto van de Wiel
2007-Jan-09 15:23 UTC
[Samba] migrate old samba2.2.8 - smbpasswd to new samba3.0 - ldap - based
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 01/09/2007 10:14 AM, peter pilsl escreveu:> I'm just migrating a medium sambainstallation from old samba2.2.8 to new > samba 3.0. The server is acting as PDC and there is no BDC. > > The new samba is based on LDAP and is already successfully tested. Now I > need to transfer the whole old smbpasswd to the new ldap-style to > convert users and machines with minimal effort. Especially I dont want > to break the relations between the machines and the server (otherwise I > would need to run to 80 machines and rejoin the new domain ....) and the > user-auth.You are looking for smbldap-tools. http://cvs.samba.org/cgi-bin/cvsweb/samba/examples/LDAP/smbldap-tools/ http://www.idealx.com/content/view/184/169/lang,fr/> There is a NTPassword and a LMPassword in the new LDAP-structure and > there are two similar numbers in the old smbpasswd-file. Is this the > same? Can I just transfer this hashes for users and machines and > everything is fine?Yes, they are. But it is going to be easier and safer if you use smbldap-tools. ;)> And whats with the PrimaryGroupSID thats needed in the LDAP-structure > (like S-1-5-21-669212683-4259385398-1987947194-513) - I couldnt find > this in the old smbpasswd-structure? Can I just set this on my own?Kind of. You should check 'net groupmap'.> As you see I'm at the state of shooting in the dark and fiddling and > trying around. Any insight would be greatly appretiated.Peter, check the [1]Samba HOWTO and the [2]Samba By Example. You should also check [3]Samba LDAP HOWTO from Ignacio Coupeau, it is a little bit out-of-date, but has some cool info. 1. http://www.samba.org/samba/docs/man/Samba-HOWTO-Collection/ 2. http://www.samba.org/samba/docs/man/Samba-Guide/ 3. http://www.unav.es/cti/ldap-smb/smb-ldap-3-howto.html The above documentation has examples and nice information about migration scenarios, configuration and LDAP parameters, if you feel like something is missing in the documentation, please let us know.> thnx > peterKind regards, - -- Felipe Augusto van de Wiel <felipe@paranacidade.org.br> Coordenadoria de Tecnologia da Informa??o (CTI) - SEDU/PARANACIDADE http://www.paranacidade.org.br/ Phone: (+55 41 3350 3300) -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Using GnuPG with Debian - http://enigmail.mozdev.org iD8DBQFFo7NeCj65ZxU4gPQRAjwDAKCIludMXoUxCondKWNllNHvuqhTPgCgmYJm XkmGibEn2U1rsoj2ldEqdew=IyUr -----END PGP SIGNATURE-----