On Tue, Dec 10, 2002 at 01:58:22PM +0100, Jonas Oberg wrote: > After a frightening experience with W2K Active Directory, we've been > considering an "emergency migration" to Samba. I've been looking at > both 2.2.7 and the latest 3.0 alpha, but have found little information > about migrating from W2K. Most information seems to be about Windows > NT PDC. > > What I've tried is to pull the information from the AD tree with > pwdump3 and put it in the smbpasswd file, with some small > conversions. I've taken the domain SID and put it in DOMAIN.SID and > created all the corresponding UNIX accounts for the computers.
This won't work. You'll need to re-add all the clients to the Samba domain. The user passwords should still be valid, it's the machine accounts you'll need to re-create. Don't use the same SID. The clients will get confused as AD-PDC features will appear to have gone from the PDC. Treat it as a new domain with the same user passwords. > Unfortunately, the clients are still experiencing problems when > logging into the moved domain. Even a level 10 log doesn't tell me > anything specific about what's going on; it keeps repeating that the > user authenticated correctly. But on the W2K client, the users only > get the information that their password/username was incorrect. Once the clients are using AD, they'll expect to see all the features of an AD PDC. You need to re-add them to the Samba domain as a "downlevel" ie. NT4.x domain. Let us know how this goes. Jeremy. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba