Hi,
I'm trying to prepare migration from NT4 server to samba with ldap
backend. For testing and simulating I have prepared one NT4 server, one
Centos 5.5 samba server and now I have almost working setup for
vampiring users and groups.
Using following packages:
samba3.i386 3.5.7-43.el5
samba3-cifsmount.i386 3.5.7-43.el5
samba3-client.i386 3.5.7-43.el5
samba3-doc.i386 3.5.7-43.el5
samba3-utils.i386 3.5.7-43.el5
smbldap-tools.noarch 0.9.5-2.el5.rf
openldap.i386 2.3.43-12.el5_5.3
openldap-clients.i386 2.3.43-12.el5_5.3
openldap-servers.i386 2.3.43-12.el5_5.3
On NT4 PDC I have entered only some sample users and groups.
I'm worried about error messages during vampiring.
1) Why and what does mean "ldapsam_update_sam_account: No user to
modify!"?
2)It creates EKRPTESTSERV$ machine account, but next complains that user
EKRPTESTSERV_ doesn't exist. Why $ is being replaced by _? Same with
second machineaccount which the samba machine and what are consequences
of that error? Is it the same bug?
https://bugzilla.samba.org/show_bug.cgi?id=5722
3) There is also group Administrators which contains user Administrator
and group Domain Admins on NT4 PDC, but those do not get vampired... on
linux server, group Administrators is empty: Administrators:*:544:
Following is vampire log:
net rpc vampire -S EKRPTESTSERV -U Administrator
Fetching (to passdb) DOMAIN database
Creating unix group: 'specialusers1'
Creating account: Administrator
Creating account: Guest
ldapsam_update_sam_account: No user to modify!
Creating account: EKRPTESTSERV$
/usr/sbin/smbldap-usermod: user EKRPTESTSERV_ doesn't exist
smb_set_primary_group: Running the command `/usr/sbin/smbldap-usermod -g
'Domain Users' 'EKRPTESTSERV_'' gave 1
Creating account: kasutaja1
Creating account: kasutaja2
Creating account: kasutaja3
Creating account: kasutaja4
Creating account: ldap2$
/usr/sbin/smbldap-usermod: user ldap2_ doesn't exist
smb_set_primary_group: Running the command `/usr/sbin/smbldap-usermod -g
'Domain Users' 'ldap2_'' gave 1
Group members of Domain Admins: root,kasutaja1,
adding user kasutaja1 to group Domain Admins
Group members of Domain Users:
root(primary),EKRPTESTSERV$,kasutaja1(primary),kasutaja2(primary),kasutaja3(primary),kasutaja4(primary),ldap2$,
User EKRPTESTSERV_ does not exist: create it first !
User ldap2_ does not exist: create it first !
Group members of Domain Guests: nobody,
adding user nobody to group Domain Guests
Group members of specialusers1: kasutaja1,kasutaja3,
adding user kasutaja1 to group specialusers1
adding user kasutaja3 to group specialusers1
Fetching (to passdb) BUILTIN database
skipping SAM_DOMAIN_INFO delta for 'Builtin' (is not my domain)
Creating unix group: 'Guests'
Creating unix group: 'Server Operators'
Creating unix group: 'Users'
--
with best regards
Veiko