Greets, samba-users and -devs I am currently preparing to move a problematic Samba file server from Gentoo Linux to Debian (9.4). This particular server gives me headaches for months now, file shares stop working at random times (every few weeks or so), and after having invested quite some time into reading logs, doing upgrades/downgrades and this and that (also writing threads in here ...) I want to get rid of the Gentoo environment and change to the much more standardized Debian OS. I don't blame samba in particular, maybe I have some strange kernel setup, maybe the rsnapshots we run shoot smbd now and then ... I simply don't know. (winbindd -D10 logs available, if someone is interested ;-) ). I am now writing down the services and configfiles etc which I have to migrate and setup. This will go into a ansible/debops-project dir so that this machine will be deployable as quick and reliable as possible at migration time (maybe even a test VM before to check things). Now my samba-related questions: I assume I would "net ads leave" within gentoo linux before migration to clean up things in the ADS somehow and join the same server (= same hostname, same smb.conf) again as soon as it is running debian. My concern are the user and group ids, for sure I want to keep the data-directories (ext4 on LVM-volumes, just for the records) untouched and all the ownership and permission info should be kept as is. As far as I understand the whole mapping comes from within ADS anyway and winbindd plus nsswitch etc should give me the same setup after all. Right? Or are there maybe differences? Should I migrate /var/lib/samba or not? I'd prefer not to as I want to get a as-fresh-as-possible new environment without the maybe buggy old stuff from the old server. (for sure I do a full backup of the gentoo-root-partition ahead ...) -- Maybe this migration is not much of an issue at all but you know: better safe than sorry ;-) Thanks for any calming words and info Stefan
On Thu, 5 Apr 2018 10:30:22 +0200 "Stefan G. Weichinger via samba" <samba at lists.samba.org> wrote:> > Greets, samba-users and -devs > > I am currently preparing to move a problematic Samba file server from > Gentoo Linux to Debian (9.4).If you are going to do this, use Louis's repo, it will get you a pretty much up-to-date version of Samba (4.7.6)> > Now my samba-related questions: > > I assume I would "net ads leave" within gentoo linux before migration > to clean up things in the ADS somehow and join the same server (= same > hostname, same smb.conf) again as soon as it is running debian.Yes> > My concern are the user and group ids, for sure I want to keep the > data-directories (ext4 on LVM-volumes, just for the records) untouched > and all the ownership and permission info should be kept as is. > > As far as I understand the whole mapping comes from within ADS anyway > and winbindd plus nsswitch etc should give me the same setup after > all. > > Right? Or are there maybe differences?Provided that the server in question is a Unix domain member, all you need is the smb.conf, it might be an idea to post it here. If it is a DC, then you would create a new computer, join this to the domain, then demote the old DC. Rowland
Am 2018-04-05 um 11:19 schrieb Rowland Penny via samba:> If you are going to do this, use Louis's repo, it will get you a pretty > much up-to-date version of Samba (4.7.6)Yes, sure, I do so on the 2 DCs there and will also use that on the DM.> Provided that the server in question is a Unix domain member, all you > need is the smb.conf, it might be an idea to post it here.see below. Some comments can be removed already, and the high log levels as well, sooner or later. thanks -> [global] security = ADS workgroup = ARBEITSGRUPPE realm = arbeitsgruppe.my-tld.at log file = /var/log/samba/%m.log #log level = 5 log level = 5 auth:5 winbind:8 idmap config * : backend = tdb idmap config * : range = 2000-3999 idmap config ARBEITSGRUPPE:backend = ad idmap config ARBEITSGRUPPE:range = 10000-9999999 # until 4.6.0 #idmap config ARBEITSGRUPPE:schema_mode = rfc2307 #winbind nss info = rfc2307 # new parameter: idmap config ARBEITSGRUPPE:unix_nss_info = yes username map = /etc/samba/user.map winbind use default domain = Yes winbind refresh tickets = Yes load printers = No printcap name = /dev/null vfs objects = acl_xattr map acl inherit = yes store dos attributes = yes [data] ....