Joey Officer
2009-Aug-06 20:01 UTC
[Samba] migrating from freebsd to linux - wbinfo mismatch
We're beginning a migration from FreeBSD w/ Samba Version 3.0.28a to Gentoo Linux w/ Samba Version 3.0.33. Both the BSD system and the Linux system are joined to the domain, using the same krb5.conf file and nearly identical global sections of the smb.conf file. What I've found is the UID and GID are not aligned with each other. For example: (dc2: 14:52:53 </var/db/samba>) 0 # wbinfo -i jofficer jofficer:*:10019:10018:Joey Officer fs1 private # wbinfo -i jofficer jofficer:*:10017:10000:Joey Officer In this case, dc2 is the original BSD system and fs1 is the new Linux box. In addition to the UIDs being off, the GIDs are also off: (dc2: 14:54:54 </var/db/samba>) 0 # wbinfo --group-info "domain users" domain users:x:10018 fs1 private # wbinfo --group-info "domain users" domain users:x:10000 Normally, I wouldn't immediately recognize this as a problem, however since I migrated the files and directories from DC2, all of the user/group ownerships are skewed and therefore a user would be unable to gain access to their files. Can anyone offer any insight into the problem here? Joey Officer Systems Administrator iStream Financial Services 262-432-1536 CONFIDENTIALITY NOTICE This electronic mail and the information contained herein are intended for the named recipient only. It may contain confidential, proprietary and/or privileged information. If you have received this electronic mail in error, please do not read any text other than the text of this notice and do not open any attachments. Also, please immediately notify the sender by replying to this electronic mail or by collect call to (262) 796-0925. After notifying the sender as described above, please delete this electronic mail message immediately and purge the item from the deleted items folder (or the equivalent) of your electronic mail system. Thank you.
Joey Officer
2009-Aug-06 22:05 UTC
[Samba] migrating from freebsd to linux - wbinfo mismatch
For testing sake, we did opt to copy the winbind cache files. And once we finalize the conversion, we can do the same thing. When you say "... each machine will hand them out to users independently of other machines, in the order in which they first hit the server." Do you mean in the order that getend passwd and getend group lists the users and groups available? As a side note, another Linux box I use for testing appears to use the same UID/GID as the new Linux file server (fs1 from earlier). I'm not familiar with using RID ids, but Dale also mentioned this as a solution. I will spend some time reading up on RIDs tomorrow. Thanks for the feed back. -----Original Message----- From: Steve Rippl [mailto:rippls at woodlandschools.org] Sent: Thursday, August 06, 2009 3:28 PM To: Joey Officer Subject: Re: [Samba] migrating from freebsd to linux - wbinfo mismatch Assuming you're using winbind to map uid/gid, each machine will hand them out to users independently of other machines, in the order in which they first hit the server. If you want consistent uid/gid between machines you need to use rid or ldap. I guess if you're migrating away from one to the other you could move your winbind cache files over to the new machine, but you couldn't have them running at the same time with new users and expect them to stay synced. Joey Officer wrote:> We're beginning a migration from FreeBSD w/ Samba Version 3.0.28a to > Gentoo Linux w/ Samba Version 3.0.33. Both the BSD system and theLinux> system are joined to the domain, using the same krb5.conf file and > nearly identical global sections of the smb.conf file. > > > > What I've found is the UID and GID are not aligned with each other.For> example: > > > > (dc2: 14:52:53 </var/db/samba>) 0 # wbinfo -i jofficer > > jofficer:*:10019:10018:Joey Officer > > > > fs1 private # wbinfo -i jofficer > > jofficer:*:10017:10000:Joey Officer > > > > In this case, dc2 is the original BSD system and fs1 is the new Linux > box. In addition to the UIDs being off, the GIDs are also off: > > > > (dc2: 14:54:54 </var/db/samba>) 0 # wbinfo --group-info "domain users" > > domain users:x:10018 > > > > fs1 private # wbinfo --group-info "domain users" > > domain users:x:10000 > > > > Normally, I wouldn't immediately recognize this as a problem, however > since I migrated the files and directories from DC2, all of the > user/group ownerships are skewed and therefore a user would be unableto> gain access to their files. > > > > Can anyone offer any insight into the problem here? > > > > Joey Officer > Systems Administrator > iStream Financial Services > > 262-432-1536 > > > > CONFIDENTIALITY NOTICE > This electronic mail and the information contained herein are intended > for the named recipient only. It may contain confidential,proprietary> and/or privileged information. If you have received this electronic > mail in error, please do not read any text other than the text of this > notice and do not open any attachments. Also, please immediatelynotify> the sender by replying to this electronic mail or by collect call to > (262) 796-0925. After notifying the sender as described above, please > delete this electronic mail message immediately and purge the itemfrom> the deleted items folder (or the equivalent) of your electronic mail > system. Thank you. > > > >-- Steve Rippl Technology Director Woodland School District 360 225 9451 x326