Short background :
Due to Windows Seven deplaoyment we have to upgrade Samba 3.0 to Samba
3.4 (actually less version but I see no reason not to go directly to 3.4).
And due to SQL backend support aborted we have to switch from SQL
backend to LDAP backend.
What I have in mind to do this migration is the following :
-install samba 34/OpenLDAP (I also change the machine in the meantime)
-configure Samba 34 to use the ldap backend, the smb.conf will be
rewriten from scratch.
- sync the sid with net getlocalsid and netsetlocalsid.
-pdbedit -e to export users and pdbedit -eg to export groups (on the old
server).
-pdbedit -i and pdbedit -ig on the new server.
-tests.
I'm far to be an expert in Samba, so advices on this procedure are very
welcome.
While checking that everything should be ok, I did a pdbedit -L and many
lines (less than 1000) like this one appeared :
lookup_global_sam_rid: looking up RID 513.
Executing query SELECT
nt_logon_time,nt_logoff_time,nt_kickoff_time,nt_pass_last_set_time,nt_pass_can_change_time,nt_pass_must_change_time,username,nt_domain,nt_username,gecos,nt_homedir,nt_dir_drive,nt_logon
Can't find a unix id for an unmapped group
No user SID retrieved from database!
There are 3 RIDs concerned : 513, 11001, 515.
Can I correct this error before migrating ? Is it mandatory/interesting
to correct this error ?
This is the output of the testparm command :
Load smb config files from /usr/local/etc/smb.conf
Processing section "[netlogon]"
Unknown parameter encountered: "readable"
Ignoring unknown parameter "readable"
Loaded services file OK.
Server role: ROLE_DOMAIN_PDC
Press enter to see a dump of your service definitions
[global]
dos charset = 850
unix charset = ISO8859-1
workgroup = CYANIDE
netbios name = PDC
server string = Primary Domain Controller
passdb backend = mysql:foo
passwd program = /usr/local/bin/php -q
/root/CyanManager/samba/update_mysql_password.php %u
passwd chat = "password:" %n\n "ok\n"
passwd chat debug = Yes
unix password sync = Yes
log level = 5
log file = /var/log/samba/log.%m
fam change notify = No
load printers = No
domain logons = Yes
os level = 128
preferred master = Yes
domain master = Yes
dns proxy = No
wins support = Yes
foo:unknown 6 column = nt_unknown_6
foo:logon count column = nt_logon_count
foo:bad password count column = nt_bad_password_count
foo:logon hours column = nt_logon_hours
foo:hours len column = nt_hours_len
foo:logon divs column = nt_logon_divs
foo:acct ctrl column = nt_acct_ctrl
foo:plain pass column = NULL
foo:nt pass column = nt_pw
foo:lanman pass column = nt_lm_pw
foo:group sid column = nt_group_sid
foo:user sid column = nt_user_sid
foo:munged dial column = nt_munged_dial
foo:unknown string column = nt_unknown_str
foo:workstations column = nt_workstations
foo:acct desc column = nt_acct_desc
foo:profile path column = nt_profile_path
foo:logon script column = nt_logon_script
foo:dir drive column = nt_dir_drive
foo:home dir column = nt_homedir
foo:fullname column = gecos
foo:nt username column = nt_username
foo:domain column = nt_domain
foo:username column = username
foo:pass history = NULL
foo:pass must change time column = nt_pass_must_change_time
foo:pass can change time column = nt_pass_can_change_time
foo:pass last set time column = nt_pass_last_set_time
foo:kickoff time column = nt_kickoff_time
foo:logoff time column = nt_logoff_time
foo:logon time column = nt_logon_time
foo:mysql database = ***********
foo:mysql password = ************
foo:mysql user = ********
foo:mysql host = 10.1.8.12
foo:host = 10.1.8.12
admin users = administrateur
[netlogon]
path = /var/samba/netlogon
browseable = No
--
Bastien Semene
Administrateur R?seau& Syst?me
Cyanide Studio - FRANCE
Hi, as far as i know the RID's are not implemented in the sql backend. that's why it spits out these rid errors... i'm sorry, but i lack the time to continue with the sql backend... i'm not sure if your setup is going to work... but why not keep them both.. do the upgrade, and leave the old 3.0 arround. test it all, and if not work, take the old 3.0 and fiddle more until it works... ?! btw, need to do the same here in a while, keep me posted on your tracks.. Collen. On 5-5-2010 15:37, Bastien Semene wrote:> Short background : > Due to Windows Seven deplaoyment we have to upgrade Samba 3.0 to Samba > 3.4 (actually less version but I see no reason not to go directly to > 3.4). > And due to SQL backend support aborted we have to switch from SQL > backend to LDAP backend. > > What I have in mind to do this migration is the following : > > -install samba 34/OpenLDAP (I also change the machine in the meantime) > -configure Samba 34 to use the ldap backend, the smb.conf will be > rewriten from scratch. > - sync the sid with net getlocalsid and netsetlocalsid. > -pdbedit -e to export users and pdbedit -eg to export groups (on the > old server). > -pdbedit -i and pdbedit -ig on the new server. > -tests. > > I'm far to be an expert in Samba, so advices on this procedure are > very welcome. > > > While checking that everything should be ok, I did a pdbedit -L and > many lines (less than 1000) like this one appeared : > lookup_global_sam_rid: looking up RID 513. > Executing query SELECT > nt_logon_time,nt_logoff_time,nt_kickoff_time,nt_pass_last_set_time,nt_pass_can_change_time,nt_pass_must_change_time,username,nt_domain,nt_username,gecos,nt_homedir,nt_dir_drive,nt_logon > > Can't find a unix id for an unmapped group > No user SID retrieved from database! > > There are 3 RIDs concerned : 513, 11001, 515. > > Can I correct this error before migrating ? Is it > mandatory/interesting to correct this error ? > > -- snip --