Am 2016-11-26 um 17:51 schrieb Stefan Kania via samba:> Hi Stefan, > > there are several things you have to do before you can do the migration. > Look if you have objects with the same SID. If so, change it. Look for > same Name of group- and/or user-object. If you find some, change the > names. The best thing is, take a look at the wiki or some other > documentation. I did a migration several times, even in a productive > environment, it was never a problem.Thanks for the hints, I already read the wiki, yes. I will look at the users and groups next week then. Ad "never a problem": I am the guy for these "we never had this before" cases ;-) Stefan
Am 2016-11-26 um 20:50 schrieb Stefan G. Weichinger via samba:> Thanks for the hints, I already read the wiki, yes. > I will look at the users and groups next week then.attacked that now in a VM: cpied /var/lib/samba and /etc passwd over, did something like: # tree /usr/local/samba/ /usr/local/samba/ ├── dbdir │ ├── account_policy.tdb │ ├── gencache_notrans.tdb │ ├── group_mapping.tdb │ ├── passdb.tdb │ ├── schannel_store.tdb │ ├── secrets.tdb │ └── wins.dat └── etc └── smb.PDC.conf It runs through OK mostly, things I wonder about are: * lines like: Ignoring group memberships of 'pl13' S-1-5-21-2940660672-4062535256-4144655499-2026: Unable to enumerate group memberships, (-1073741724,No such user) Do I have to have the users in /etc/passwd as well for the conversion? Asked differently: Does the classicupgrade change anythin in the running samba-config or not? Am I supposed to run it *on* the NT4-samba-PDC and just generate the new config first, then cp this generated config over into some test environment ... ? thanks, regards, Stefan
On Mon, 28 Nov 2016 09:49:31 +0100 "Stefan G. Weichinger via samba" <samba at lists.samba.org> wrote:> Am 2016-11-26 um 20:50 schrieb Stefan G. Weichinger via samba: > > > Thanks for the hints, I already read the wiki, yes. > > I will look at the users and groups next week then. > > attacked that now in a VM: > > cpied /var/lib/samba and /etc passwd over, did something like: > > # tree /usr/local/samba/ > /usr/local/samba/ > ├── dbdir > │ ├── account_policy.tdb > │ ├── gencache_notrans.tdb > │ ├── group_mapping.tdb > │ ├── passdb.tdb > │ ├── schannel_store.tdb > │ ├── secrets.tdb > │ └── wins.dat > └── etc > └── smb.PDC.conf > > It runs through OK mostly, things I wonder about are: > > * lines like: > > Ignoring group memberships of 'pl13' > S-1-5-21-2940660672-4062535256-4144655499-2026: Unable to enumerate > group memberships, (-1073741724,No such user) > > Do I have to have the users in /etc/passwd as well for the conversion? > > Asked differently: > > Does the classicupgrade change anythin in the running samba-config or > not? Am I supposed to run it *on* the NT4-samba-PDC and just generate > the new config first, then cp this generated config over into some > test environment ... ? > > thanks, regards, Stefan > >Have you read this: wiki.samba.org/index.php/Migrating_a_Samba_NT4_Domain_to_Samba_AD_(Classic_Upgrade) Particularly this part: wiki.samba.org/index.php/Migrating_a_Samba_NT4_Domain_to_Samba_AD_(Classic_Upgrade)#Upgrading_on_a_new_server Accepted practice is to test first in a test domain and then do it again in production, once you know exactly what needs fixing in your old setup (hopefully nothing) The upgrade should read from ldap and the Samba databases, not /etc/passwd & /etc/group Rowland