samba - Nov 2018 - Migrate users from old server to new server without moving/copying configuration

Hello all,

We're running a Samba AD DC and we want to move to a new server. The old 
server is slightly misconfigured and have some issues, and the new 
server has already been set up freshly set up with no issues and 
everything working fine.  I need to move users, groups & passwords from 
the old server to the new one without moving configuration and retaining 
the old issues, am hoping someone can help me.  The new server is 
running Debian 9 with Samba version 4.5.12-Debian - not sure what other 
information I should be putting here.

Following someone's suggestion, I've copied over /etc/passwd, 
/etc/shadow, /etc/groups, /var/lib/samba/private/passdb.tdb, sam.ldb, 
secrets.tdb but unsurprisingly this didn't work.

I've tried downloading the database from the old server using pdbedit 
but I had a host of errors, for example:

build_sam_pass: Failing attempt to store user with non-uid based user RID.
Importing account for krbtgt...failed

I'm hoping someone could tell me the best way to migrate users to the 
new server?

Many thanks for your time!

With kind regards - Piers

On Thu, 8 Nov 2018 22:08:52 +0000
Piers Kittel via samba <samba at lists.samba.org> wrote:
> Hello all,
> 
> We're running a Samba AD DC and we want to move to a new server. The
> old server is slightly misconfigured and have some issues, and the
> new server has already been set up freshly set up with no issues and 
> everything working fine.  I need to move users, groups & passwords
> from the old server to the new one without moving configuration and
> retaining the old issues, am hoping someone can help me.  The new
> server is running Debian 9 with Samba version 4.5.12-Debian - not
> sure what other information I should be putting here.
You need to fix your misconfiguration and then join a new DC, it is the
only way to transfer the data.

What is actually wrong with your DC ?
> 
> Following someone's suggestion, I've copied over /etc/passwd, 
> /etc/shadow, /etc/groups, /var/lib/samba/private/passdb.tdb, sam.ldb, 
> secrets.tdb but unsurprisingly this didn't work.
No, it wouldn't
> 
> I've tried downloading the database from the old server using pdbedit 
> but I had a host of errors, for example:
> 
> build_sam_pass: Failing attempt to store user with non-uid based user
> RID. Importing account for krbtgt...failed
Anything other than joining another DC isn't going to work.

Rowland

Rowland,

Thank you so much for replying!  I'm not exactly sure of the issues, but 
it includes very slow log-in times (>30 minutes if I move to another 
computer I've not used previously) and the KDC doesn't work.  I've
tried
joining the two servers, but it stopped the new one from working 
entirely, and I had to wipe the server and start again.  I've now spent 
some time and got the new server set up perfect, I'm not really keen on 
joining and killing the new server again, but I could try this again if 
you think this is the best way forward?

Many thanks again!

With kind regards - Piers