you are right! please excuse me I misread! Giorgio
On 4/7/10, Gaiseric Vandal <gaiseric.van...@gmail.com> wrote: > They should be the same SID. The SID of a DC should the same as the SID of > the domain itself. And if you had multiple DC's they should all have the > same SID. > > At least that is what I have and it seems to work for me. > > > > > On 04/07/2010 10:14 AM, GG wrote: > > Hello Vladimir and anyone else reading :-) ! > > > > Attaching these files: > > > > - gg-edited.ldif > > - slapd.conf.destination.txt > > - slapd.conf.source.txt > > - ldap.conf.destination.txt > > - ldap.conf.source.txt > > - slapadd-ing.LOG this was the log while importing ldif > > > > > > NET SID ETC > > net setlocalsid > S-1-5-21-1168...........-..................-...............2 > > net setdomainsid > S-1-5-21-1168...........-..................-...............1 > > > > does net setlocal and domain sid have sense or should it be > > net setdomainsid > > twice with different sids? > > > > Thanks very much! > > > > Giorgio > > > > On 4/6/10, Vladimir > Psenicka<vladimir.pseni...@prodeco.cz> wrote: > > > > > > > Hi Gorgio > > > > > > Dne 2.4.2010 17:01, GG napsal(a): > > > > > > > > > > Hi all, > > > > > > > > So I have > > > > openldap2-2.1.12-74 > > > > samba-2.2.7a-72 > > > > > > > > I would like to migrate this existing PDC service to a new server and > > > > to current production / stable releases (especially for windows 7 > > > > joining to the domain). > > > > > > > > New server is Debian Lenny stable. > > > > > > > > I have exported the domain SID, and ldap.ldif > > > > > > > > Now lets get down to it :-) > > > > Before importing should I do something about organizational units and > so? How? > > > > > > > > > > > > > > > > > Import only data to LDAP no configs (slapcat->slapadd) > > > > > > > > > > > > > > slapadd -c -l slapcat.ldif > > > > I did this but attached errors showed up. > > > > > > > > Error, entries missing! > > > > entry 3: dc=people,dc=ExampleDomain,dc=it > > > > entry 4: dc=groups,dc=people,dc=ExampleDomain,dc=it > > > > > > > > > > > Can you post first 100 lines of your ldif you try to import? You > > > probably missing some base ldif. > > > > > > > > > > > > > > > > > I know nothing about ldap, but my ldap is probably missing some pre > > > > required settings ? :-/ > > > > > > > > > > > > > > > Can you post slapd.conf also? > > > > > > > > > > > > > > > > Cheers! > > > > Giorgio > > > > > > > > > > > > > > > > > Configs yes, live data no, but if you have ldap it *should* be > enough to > > > > > import ldif from old server, configure samba to use ldap and run > smbpasswd > > > > > -W to store ldap admin dn pass to secrets.tdb. After that you can > test if > > > > > samba see imported users in ldap (pdbedit -L). > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > On 3/27/10, Vladimir > Psenicka<vladimir.pseni...@prodeco.cz> wrote: > > > > > > > > > > > > > On Fri, 26 Mar 2010 15:32:50 +0100, GG<joj...@gmail.com> wrote: > > > > > > > > > > > > > > > > wow I made it! > > > > > > > > > > > > I copied net and all the libs it complained about from another > suse > > > > > > server which was not missing it :-) > > > > > > > > > > > > [2010/03/26 15:07:37, 0] > param/loadparm.c:map_parameter(2435) > > > > > > Unknown parameter encountered: "domain admin group" > > > > > > [2010/03/26 15:07:37, 0] > param/loadparm.c:lp_do_parameter(3125) > > > > > > Ignoring unknown parameter "domain admin group" > > > > > > SID for domain > ThisIsLikeTheHostNameOrMaybeAtestDomain??? > > > > > > is: S-1-5-21-1bla bla > > > > > > SID for domain THISISMYDOMAIN is: S-1-5-other-bla bla > > > > > > > > > > > > Which shall I import? > > > > > > > > > > > > > > > > > > > > > > > Import both for sure:-). First is localsid, second is domainsid > > > > > > > > > > > > > > > > > > > > > So now back to mail number 2 :-) > > > > > > > > > > > > LDAP: I exported ldif :-) now > > > > > > I copied /etc/groups passwd shadow aliases > > > > > > > > > > > > now on the new server: > > > > > > > > > > > > how do I import LDAP and all its configs, > > > > > > samba and all its configs are only in smb.conf? > > > > > > > > > > > > > > > > > > > > > > > Import only data to LDAP no configs (slapcat->slapadd) > > > > > Configs yes, live data no, but if you have ldap it *should* be > enough to > > > > > import ldif from old server, configure samba to use ldap and run > smbpasswd > > > > > -W to store ldap admin dn pass to secrets.tdb. After that you can > test if > > > > > samba see imported users in ldap (pdbedit -L). > > > > > > > > > > > > > > > > > > > > > :-) > > > > > > Giorgio > > > > > > > > > > > > > > > > > > > > > > > > On 3/26/10, Vladimir > Psenicka<vladimir.pseni...@prodeco.cz> wrote: > > > > > > > > > > > > > > > > > > > Paste ldap admin dn or ldap suffix in your smb.conf > > > > > > > > > > > > > > Dne 26.3.2010 15:24, Vladimir Psenicka napsal(a): > > > > > > > > > > > > > > > > > > > > > > try this: > > > > > > > > > > > > > > > > ldapsearch -x -h localhost -D > "cn=Manager,dc=WORKGROUP,dc=it" -W -b > > > > > > > > > "sambaDomainName=WORKGROUP,dc=WORKGROUP,dc=it" > > > > > > > > > > > > > > > > Dne 26.3.2010 15:00, GG napsal(a): > > > > > > > > > > > > > > > > > > > > > > > > > Hello! > > > > > > > > > > > > > > > > > > I'm stuck on getdomainsid: Net command is missing even > though libs > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > and > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > smbclient are installed. > > > > > > > > > > > > > > > > > > I tried this: > > > > > > > > > # ldapsearch -x -h localhost -D "cn=Manager,dc=domain,dc=it" > -W -b > > > > > > > > > "sambaDomainName=WORKGROUP,dc=domain,dc=it" > > > > > > > > > Enter LDAP Password: > > > > > > > > > # extended LDIF > > > > > > > > > # > > > > > > > > > # LDAPv3 > > > > > > > > > # > base<sambaDomainName=WORKGROUP,dc=domain,dc=it> with scope > sub > > > > > > > > > # filter: (objectclass=*) > > > > > > > > > # requesting: ALL > > > > > > > > > # > > > > > > > > > > > > > > > > > > # search result > > > > > > > > > search: 2 > > > > > > > > > result: 34 Invalid DN syntax > > > > > > > > > text: invalid DN > > > > > > > > > > > > > > > > > > # numResponses: 1 > > > > > > > > > > > > > > > > > > So: I'm not sure what is > sambaDomainName=domain,dc=domain,dc=it... > > > > > > > > > I used WORKGROUP as it is the domain we use on pcs and the > only one > > > > > > > > > defined in smb.conf > > > > > > > > > > > > > > > > > > I also tried using my pdc HOSTNAME > > > > > > > > > > > > > > > > > > and this was returned > > > > > > > > > # LDAPv3 > > > > > > > > > # > base<sambaDomainName=hostname,dc=domain,dc=it> with scope > sub > > > > > > > > > # filter: (objectclass=*) > > > > > > > > > # requesting: ALL > > > > > > > > > # > > > > > > > > > > > > > > > > > > # search result > > > > > > > > > search: 2 > > > > > > > > > result: 34 Invalid DN syntax > > > > > > > > > text: invalid DN > > > > > > > > > > > > > > > > > > # numResponses: 1 > > > > > > > > > > > > > > > > > > Any way to get through this or how to use net command? Maybe > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > updating > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > samba-client? > > > > > > > > > > > > > > > > > > I tried rpm -i samba-client but it says > > > > > > > > > file /usr/share/man/man1/smbclient.1.gz > from install of > > > > > > > > > samba-client-2.2.12-1.suse82 conflicts with file from > package > > > > > > > > > samba-client-2.2.7a-72 when trying to rpm -i > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > samba-client-2.2.12-1.rpm > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > I found also the original package but it says it is already > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > installed. > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > What happens if I remove samba-client and reinstall it soon > after on > > > > > > > > > the production pdc? > > > > > > > > > > > > > > > > > > > > > > > > > > > Giorgio > > > > > > > > > > > > > > > > > > On 3/26/10, Vladimir > Psenicka<vladimir.pseni...@prodeco.cz> wrote: > > > > > > > > > > > > > > > > > > > > > > > > > > > > Dne 26.3.2010 13:50, GG napsal(a): > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > Hello! > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > Have you samba-client package installed? > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > yes I do at least smbclient is there! but no net command > :-/ > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > pavouk\pseni...@psenicka:~> rpm -qf `which net` > > > > > > > > > > > > > samba-client-3.5.1-4.1.x86_64 > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > So here are the issues encountered... > > > > > > > > > > > file /usr/share/man/man1/smbclient.1.gz > from install of > > > > > > > > > > > samba-client-2.2.12-1.suse82 conflicts with file from > package > > > > > > > > > > > samba-client-2.2.7a-72 when trying to rpm -i > > > > > > > > > > > samba-client-2.2.12-1.rpm > > > > > > > > > > > I found on net... > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > or you can dig domainsid from ldap > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > This sounds interesting! How do I do that? > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > modify to your needs (domain): > > > > > > > > > > > > > > > > > > > > ldapsearch -x -h ldap -D "cn=admin,dc=domain,dc=cz" -W -b > > > > > > > > > > "sambaDomainName=domain,dc=domain,dc=cz" > > > > > > > > > > > > > > > > > > > > sambaSID: is your domainsid > > > > > > > > > > > > > > > > > > > > or you can use phpldapadmin to manage you ldap from > browser > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > Thanks very much! > > > > > > > > > > > Giorgio > > > > > > > > > > > > > > > > > > > > > > On 3/26/10, GG<joj...@gmail.com> wrote<script > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > type="text/javascript" > > > > > > src="https://mail.prodeco.cz/roundcube/program/js/tiny_mce/themes/advanced/langs/cs.js?s=1240817786"></script>: > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > Hi! > > > > > > > > > > > > > > > > > > > > > > > > I'll be at it in a few minutes installing samba client > / net > > > > > > > > > > > > command :-) > > > > > > > > > > > > > > > > > > > > > > > > I have a question about the samba sernet repos: > > > > > > > > > > > > Shall I apt-get remove samba and use > > > > > > > > > > > > > http://enterprisesamba.com/index.php?id=148 + > > > > > > > > > > > > > http://enterprisesamba.com/index.php?id=56 > > > > > > > > > > > > instead from start? > > > > > > > > > > > > > > > > > > > > > > > > What is the real advantage of sernet? What about > installing > > > > > > > > > > > > official > > > > > > > > > > > > samba.org packages, are there differences with sernet > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > (stability?) > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > or > > > > > > > > > > > > is it just a more liberal repository? > > > > > > > > > > > > > > > > > > > > > > > > Also I read > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > Ensure that all local user and group accounts > that are used by > > > > > > > > > > > > > > > samba > > > > > > > > > > > > > > > have the same uid/gid. > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > Shall I copy /etc/shadow and /etc/passwd over? other > files for > > > > > > > > > > > > groups > > > > > > > > > > > > and users? > > > > > > > > > > > > > > > > > > > > > > > > I use rsync --verbose --progress --stats --compress > --rsh=ssh \ > > > > > > > > > > > > --recursive --times --perms --links \ > > > > > > > > > > > > --owner --group --devices --specials \ > > > > > > > > > > > > --exclude-from '/root/exclude.txt (if any, not in > this case > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > as > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > I'm only syncing data dir)' \ > > > > > > > > > > > > r...@old_pdc:/DATA /DATA > > > > > > > > > > > > > > > > > > > > > > > > This should bring over every attribute set on files... > correct? > > > > > > > > > > > > > > > > > > > > > > > > [[[did only partially in one case: I set up a twin > install (fresh > > > > > > > > > > > > install then live cd and full rsync and after that I > kept mbr, > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > but > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > changed /boot and the /ect/fstab settings) and the > server started > > > > > > > > > > > > etc.. LDAP did not work though: authentication was not > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > available... > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > So I must be missing something or this rsync parameter > set must > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > be > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > missing something.. I had disconnected old PDC, set > same IP and > > > > > > > > > > > > hostname to the VM well this worked well for other > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > virtualizations > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > and > > > > > > > > > > > > in this PDC I need to upgrade to win7 compatible samba > version > > > > > > > > > > > > anyway > > > > > > > > > > > > :-) > > > > > > > > > > > > This was another story but just to share it as it is > an excellent > > > > > > > > > > > > way > > > > > > > > > > > > of migrating sometimes specially for machines you do > not master > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > and > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > this is my case very often.]]] > > > > > > > > > > > > > > > > > > > > > > > > Cheers, > > > > > > > > > > > > Giorgio > > > > > > > > > > > > > > > > > > > > > > > > On Fri, Mar 26, 2010 at 9:14 AM, Vladimir Psenicka > > > > > > > > > > > > <vladimir.pseni...@prodeco.cz> wrote: > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > Hi > > > > > > > > > > > > > > > > > > > > > > > > > > Dne 25.3.2010 17:41, GG napsal(a): > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > Hello Vladimir, John and all the NG :-) > > > > > > > > > > > > > > Thanks so much for answering. I really hoped > someone would :-) > > > > > > > > > > > > > > > > > > > > > > > > > > > > So I installed Debian latest stable netinst on the > future > > > > > > > > > > > > > > production > > > > > > > > > > > > > > server and here are my issues in the quotes :-( no > net command > > > > > > > > > > > > > > on my > > > > > > > > > > > > > > suse 8.2 > > > > > > > > > > > > > > > > > > > > > > > > > > > > Cheers :-) > > > > > > > > > > > > > > Giorgio > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > On Thu, Mar 25, 2010 at 14:00, John H > Terpstra<*...@samba.org> > > > > > > > > > > > > > > > wrote: > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > On 03/25/2010 03:33 AM, Vladimir Psenicka > wrote: > > > > > > > > > > > > > > > > What about Debian Stable with Sernet samba > repo, where you > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > can > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > choose > > > > > > > > > > > > > > > > Samba 3.4.x or 3.5.x > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > My hints on migrating to new server: > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > 1. install new server (Samba,ldap etc.) > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > done :-) Debian Stable netinst > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > 2. set same hostname on new server > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > My ignorance comes out :-) > > > > > > > > > > > > > > Must I set it different from the production server > as FW points > > > > > > > > > > > > > > production.domain.com - I have clients using > DNS=oldPDC and PDC > > > > > > > > > > > > > > forwards queries to FW. FW has pdc.domain.com > defined to point > > > > > > > > > > > > > > to lan > > > > > > > > > > > > > > ip. > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > Ok, can be changed later > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > 3. export ldap data from old server and import > them to new > > > > > > > > > > > > > > > > server > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > slapcat -f /etc/openldap/ldap.conf -l /ldap.ldif > > > > > > > > > > > > > > OK > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > Ensure that all local user and group accounts > that are used by > > > > > > > > > > > > > > > samba > > > > > > > > > > > > > > > have the same uid/gid. > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > my ignorance again... another hint? > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > 4. export SID (net getlocalsid) and set it on > new server (net > > > > > > > > > > > > > > > > setlocalsid oldsid) > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > Note: > > > > > > > > > > > > > > > net getdomainsid (on old server) > > > > > > > > > > > > > > > net setdomainsid (on new server) > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > thanks :-) > > > > > > > > > > > > > > > > > > > > > > > > > > > > # net getdomainsid > > > > > > > > > > > > > > -bash: net: command not found :-( and not found in > yast > > > > > > > > > > > > > > > > > > > > > > > > > > > > I understand it has to do with extracting the sid > from > > > > > > > > > > > > > > /etc/samba/secrets.tdb but how do I install the > command? suse > > > > > > > > > > > > > > 8.2 yast > > > > > > > > > > > > > > has now net package and googling net is.. well > wow! > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > Have you samba-client package installed? > > > > > > > > > > > > > > > > > > > > > > > > > > pavouk\pseni...@psenicka:~> rpm -qf `which net` > > > > > > > > > > > > > samba-client-3.5.1-4.1.x86_64 > > > > > > > > > > > > > > > > > > > > > > > > > > or you can dig domainsid from ldap > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > 5. configure samba on new server as PDC with > ldap and shares > > > > > > > > > > > > > > > > in smb.conf > > > > > > > > > > > > > > > > from old samba smb.conf (check with testparm) > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > I see it only contains shares so I bet smb.conf > would just keep > > > > > > > > > > > > > > all > > > > > > > > > > > > > > the old settings rigth? /DATA will be rsynced > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > Maybe smb.conf from Samba2 is too different from > Samba 3. I will > > > > > > > > > > > > > keep > > > > > > > > > > > > > current smb.conf on new server and add only shares > from old > > > > > > > > > > > > > smb.conf to > > > > > > > > > > > > > new smb.conf. > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > 6. stop samba on old server > > > > > > > > > > > > > > > > 7. copy all data (with perms) and netlogon > share to new > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > server > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > 8. stop old server > > > > > > > > > > > > > > > > 9. start samba on new server a check > everything is working > > > > > > > > > > > > > > > > fine (domain > > > > > > > > > > > > > > > > logon from windows box, shares and perms) > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > This can be done best when no users are logged > in samba > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > (maybe > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > at weekend?) > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > P.S. We have ubuntu 8.04 as PDC and Windows 7 > can't join to > > > > > > > > > > > > > > > > domain > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > thanks I move to Debian with ease :-) ubuntu is a > great deb > > > > > > > > > > > > > > derived right? > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > Ubuntu 8.04 LTS is now older than Debian Stable. > When Ubuntu > > > > > > > > > > > > > 10.04 LTS > > > > > > > > > > > > > comes out this will be no longer truth. > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > Check http://wiki.samba.org for info regarding > Windows 7. > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > Cheers, > > > > > > > > > > > > > > > John T. > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > Dne 25.3.2010 01:05, GG napsal(a): > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > Hello Vladimir and hi all, > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > Thanks very much for replying! > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > Any suggested os? I'd go for debian or what > advised, I just > > > > > > > > > > > > > > > > > happen to > > > > > > > > > > > > > > > > > know ubuntu more... > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > Any strategy or hint on migrating from > ancient ldap + samba > > > > > > > > > > > > > > > > > to a new server? > > > > > > > > > > > > > > > > > Already tried rsyncing (using all options to > keep perms and > > > > > > > > > > > > > > > > > attributes > > > > > > > > > > > > > > > > > grp own mod etc) on a twin v-machine but > server starts and > > > > > > > > > > > > > > > > > the ldap > > > > > > > > > > > > > > > > > auth fails to work :-( > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > I'm a bit stuck at the moment :-( and I have > posponed the > > > > > > > > > > > > > > > > > problem for > > > > > > > > > > > > > > > > > too long grrr > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > Giorgio > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > On Wed, Mar 24, 2010 at 9:20 AM, Vladimir > Psenicka > > > > > > > > > > > > > > > > > <vladimir.pseni...@prodeco.cz> wrote: > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > Dne 23.3.2010 15:48, Giorgio napsal(a): > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > Hello, > > > > > > > > > > > > > > > > > > > Hopefully I'm in the right place asking > for help :-) > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > I need to move from an old physical Suse > 8.2 - samba 2.2.7 > > > > > > > > > > > > > > > > > > > + ldap - to > > > > > > > > > > > > > > > > > > > latest samba versions, I would like to > use an ubuntu 8.04 > > > > > > > > > > > > > > > > > > > virtual machine. > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > The domain is in production on the > physical server, to be > > > > > > > > > > > > > > > > > > > dismissed after > > > > > > > > > > > > > > > > > > > migration. It is also the file server!!! > so /DATA/ has all > > > > > > > > > > > > > > > > > > > shared and > > > > > > > > > > > > > > > > > > > permission driven file access.. > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > I was following > > > > > > > > > > > > > > > > > > > > https://help.ubuntu.com/8.10/serverguide/C/samba-dc.html > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > but > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > I realize I am in a different > scenario... > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > Production so no errors are admitted > :-(, migration to new > > > > > > > > > > > > > > > > > > > os and versions.. > > > > > > > > > > > > > > > > > > > all at once? > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > I have a dump of the physical server (dd > sda mbr and > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > single > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > partitions :) > > > > > > > > > > > > > > > > > > > plus an rsync with all permissions daily > backup, just to > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > be > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > safe ;) > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > What would you guru's suggest as a > strategy? > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > Can I create a new server and add it as > secondary domain > > > > > > > > > > > > > > > > > > > controller and then > > > > > > > > > > > > > > > > > > > once the replica is up? I'd feel quite > comfortable with > > > > > > > > > > > > > > > > > > > this method. > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > BTW I need a new version of samba as > they have already > > > > > > > > > > > > > > > > > > > bought Windows 7 > > > > > > > > > > > > > > > > > > > boxes (without asking if they were > supported arrgh). > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > Thanks to all of you who read or > answered :-) > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > Gio > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > Hi. > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > Ubuntu 8.10 is bad idea if you will be > connecting Windows 7 > > > > > > > > > > > > > > > > > > into domain, > > > > > > > > > > > > > > > > > > because of old Samba version. Samba 3.4.x > or 3.5.x is > > > > > > > > > > > > > > > > > > recommended for > > > > > > > > > > > > > > > > > > Win7. Wait for Ubuntu 10.04 LTS (next > month) if you want > > > > > > > > > > > > > > > > > > Ubuntu. > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > -- > > > > > > > > > > > > > > > > > > Vladimir Psenicka > > > > > > > > > > > > > > > > > > -- > > > > > > > > > > > > > > > > > > To unsubscribe from this list go to the > following URL and > > > > > > > > > > > > > > > > > > read the > > > > > > > > > > > > > > > > > > instructions: > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > https://lists.samba.org/mailman/options/samba > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > -- > > > > > > > > > > > > > > > To unsubscribe from this list go to the > following URL and read > > > > > > > > > > > > > > > the > > > > > > > > > > > > > > > instructions: > https://lists.samba.org/mailman/options/samba > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > -- > > > > > > > > > > > > > Vladimir Psenicka > > > > > > > > > > > > > IT system engineer > > > > > > > > > > > > > PRODECO, a.s. > > > > > > > > > > > > > Tel.: 417 633 762 > > > > > > > > > > > > > -- > > > > > > > > > > > > > To unsubscribe from this list go to the following > URL and read > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > the > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > instructions: > https://lists.samba.org/mailman/options/samba > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > -- > > > > > > > > > > Vladimir Psenicka > > > > > > > > > > IT system engineer > > > > > > > > > > PRODECO, a.s. > > > > > > > > > > Tel.: 417 633 762 > > > > > > > > > > -- > > > > > > > > > > To unsubscribe from this list go to the following URL and > read the > > > > > > > > > > instructions: > https://lists.samba.org/mailman/options/samba > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > -- > > > > > > > Vladimir Psenicka > > > > > > > IT system engineer > > > > > > > PRODECO, a.s. > > > > > > > Tel.: 417 633 762 > > > > > > > -- > > > > > > > To unsubscribe from this list go to the following URL and read > the > > > > > > > instructions: > https://lists.samba.org/mailman/options/samba > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > -- > > > > > To unsubscribe from this list go to the following URL and read the > > > > > instructions: > https://lists.samba.org/mailman/options/samba > > > > > > > > > > > > > > > > > > > > > > > > > -- > > > Vladimir Psenicka > > > IT system engineer > > > PRODECO, a.s. > > > Tel.: 417 633 762 > > > > > > > > > > > > > -- > To unsubscribe from this list go to the following URL and read the > instructions: > https://lists.samba.org/mailman/options/samba > -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba