samba - Feb 2009 - Migrating Samba PDC from one server to another

Hi All,

I'm in the need to migrate a PDC based on samba 3 with TDB backend (on a
Fedora 8 Box) onto a new server (based on Ubuntu server 8.10).
Il call them OLD and NEW from now on.

I've tried to install the new server with LDAP module for authentication
(following the documents found on ubuntu site) and I manage migrate the
users and machine accounts with PDBEDIT command but I still got a lot of
problems. (OLD is now used only as file server)
A lot of users can login only on their own XP client while are rejected by
others workstations.
Newly created users are rejected by workstations.

I'm planning to revert to use OLD as PDC and try to reconfigure samba on
NEW. I think that I missed some vital steps regarding this migration. I'm
not sure about how do I have to configure the SID for the new server.
I'm going to perform the following steps:
-configure again OLD as PDC ans NEW as file server
-verify that users can login on workstation and authenticate on network
-join NEW as member server on OLD domain via net rpc command
-verify that users can access shares on NEW
-migrate the users on NEW with net rpc vampire command
-configure NEW as BDC
-stop samba on OLD and check everything

Is this a clean way to proceed ? is there a simpler way to migrate the
configurations/users/machine accounts?

> Is this a clean way to proceed ? is there a simpler way to migrate the
> configurations/users/machine accounts?
You probably just missed setting the SID;  make sure net getlocalsid
returns the same thing on the new PDC as it did on the old PDC (use "net
setlocalsid").  I believe the local and domain SID on a PDC are always
the same.

[root@littleboy openldap]# net getdomainsid
SID for local machine BARBEL is: S-1-5-21-2037442776-3290224752-88127236
SID for domain BACKBONE is: S-1-5-21-2037442776-3290224752-88127236
[root@littleboy openldap]#