Same physical computer, I performed a fresh and much newer o/s installation
(slackware to debian). Samba was v3.5x, moved to the newest stable debian
version. Backend is ldap. Testparm is fine. Moved old secrets.tdb, etc, to the
appropriate new locations (old system disk is both completely backed up as well
as still physically available to me, so I have all files from the old server).
Ldap is working fine (finally!), and Samba starts up. I can map shares on the
server, which is great.
To be a bit more clear about where I am at the moment, if Samba is running on
the server I cannot log onto the workstations even though I only use local
profiles (I can log on as local admin, of course, but then I have profile
issues). Stopping Samba lets me log on with cached credentials, after which I
can restart Samba and manually map drives on the workstation to shares on the
server.
What's not great is that the workstation trusts appear to have broken, and I
cannot leave/rejoin the domain (not that that's my preferred way of solving
the problem). I think I have two possibly unrelated problems:
1) I want to restablish the workstation trusts such that user accounts and files
on the workstations (all Win7) are not affected by the Samba upgrade; and
2) I need to figure out why I cannot simply rejoin the domain from the
workstations - the errors appear to be related to the use of the server's
root account to authorize the join, which worked fine before the big switch.
For #1, I wonder if I'm having a SID problem. Is there a decent
"how-to" guide that covers both migration and upgrading Samba,
confirming what files I need to preserve and how to validate that the SIDs are
the same?
For #2, I'm not sure I understand the mechanics of how a domain join
happens, and how the authorizing account is leveraged to do that. Is there a
decent explanation of that somewhere?
Help gratefully accepted. In the meantime, at least I can map shares on the
server and manually re-establish workstation backups.
