Hello! So I added openldap.schema and qmail.schema, deleted /var/lib/ldap/* and slapadd the ldif; I still get the same errors though!
Being on the first line it seems as if dn: uid=,dc=,dc=,dc= is not ok for the new version, because it imports groups correctly dn: dc=,dc=,dc= Ideas? Cheers, Giorgio On 4/8/10, Vladimir Psenicka <vladimir.pseni...@prodeco.cz> wrote: > You have in gg-edited.ldif (first error on line 52): > > dn: uid=name surname,dc=Sistemi > Informativi,dc=People,dc=GG-s-Domain,dc=it > structuralObjectClass: inetOrgPerson > entryUUID: e969a5fc-584e-1027-9dc7-fa88d05ed16f > creatorsName: cn=Manager,dc=GG-s-Domain,dc=it > createTimestamp: 20030801093311Z > objectClass: inetOrgPerson > objectClass: person > objectClass: sambaAccount > objectClass: qmailUser > objectClass: posixAccount > objectClass: shadowAccount > > Dou you have all apropriate schemas in your slapd.conf and in > /etc/ldap/schema/ on your new server? You should have all schemas in new > slapd.conf as you had in slapd.conf on old server...qmail schema etc... > > Dne 8.4.2010 11:44, GG napsal(a): > > Hello Vladimir and NG, > > > > I added samba.schema and removed the "" and it imported ldif without > > saying anything about groups now :-) > > > > There are some warnings I am attaching. > > > > It moans about > > str2entry: invalid value for attributeType objectClass #3 (syntax > > 1.3.6.1.4.1.1466.115.121.1.38) > > slapadd: could not parse entry (line=11937) > > and if I look at the ldif I find this > > dn: uid=someuid,dc=Filiali,dc=People,dc=domain,dc=it > > > > and other error > > slapadd: could not parse entry (line=11116) > > <= str2entry: str2ad(mailHost): attribute type undefined > > this is the line in ldfi... > > > > dn: uid=otheruid,dc=Esterni,dc=People,dc=domain,dc=it > > cn: otheruid > > > > But the line is always the dn: > > uid=someuid,dc=SomeSubDc,dc=People,dc=domain,dc=it > > > > but reading mailHost: I have a line in many accounts with maildir and > > mail host etc that I don't need any more; shall I remove lines > > containing mail attributes? (mytextools.com <http://mytextools.com> is > > great but I suppose there must be some regular expression too) > > > > I did a slapcat from destination server and it imported groups but no > > actual users. > > > > I removed mail alternate attibutes (not mail: as it used for creating > > alias from ldap into mail server) anyway the error seems to be in the > > DN. it needs a dn but it gives this error > > str2entry: invalid value for attributeType objectClass #3 (syntax > > 1.3.6.1.4.1.1466.115.121.1.38) > > slapadd: could not parse entry (line=1) > > > > importing a single user from a partial ldif.. > > > > > > Giorgio > > > > On 4/8/10, Vladimir Psenicka <vladimir.pseni...@prodeco.cz > > <mailto:vladimir.pseni...@prodeco.cz>> wrote: > >> 1. comments to slapd.conf: > >> > >> if slapd.conf.destination is on your new server, then you are missing > >> samba schema in your slapd.conf.destination. > >> > >> slapd.conf on new server: > >> .... > >> include /etc/ldap/schema/samba.schema > >> .... > >> > >> Get samba.schema from your current samba instalation on new server. It > >> should be in somewhere in: /usr/share/doc/samba-doc/examples/LDAP/ > >> > >> 2. comments on error importing ldif: > >> > >> slapadd-ing.LOG: > >> > >> slapadd: dn="dc=People,dc=GG-s-Domain,dc=it" (line=26): (64) value of > >> naming attribute 'dc' is not present in entry > >> > >> which is in gg-edited.ldif: > >> > >> dn: dc=People,dc=GG-s-Domain,dc=it > >> objectClass: dcObject > >> objectClass: organizationalUnit > >> ou: "People" > >> dc: "People" > >> structuralObjectClass: organizationalUnit > >> entryUUID: 067e823e-5845-1027-9dc5-fa88d05ed16f > >> creatorsName: cn=Manager,dc=GG-s-Domain,dc=it > >> createTimestamp: 20030801082225Z > >> entryCSN: 2003080108:22:25Z#0x0001#0#0000 > >> modifiersName: cn=Manager,dc=GG-s-Domain,dc=it > >> modifyTimestamp: 20030801082225Z > >> > >> Can you try delete quotes in ou: "People" and dc: "People" and try to > >> import ldif again? Or you can try delete objectClass: dcObject and dc: > >> "People". In our ldap we haven't objectClass: dcObject in dn: > >> ou=Users,dc=pavouk,dc=cz > >> > >> my ldif: > >> > >> dn: ou=Users,dc=pavouk,dc=cz > >> objectClass: organizationalUnit > >> ou: Users > >> structuralObjectClass: organizationalUnit > >> entryUUID: 00014016-c3a2-1029-9d4e-9147cb3e97d5 > >> creatorsName: cn=Manager,dc=pavouk,dc=cz > >> createTimestamp: 20050927125727Z > >> entryCSN: 20050927125727.000000Z#000001#000#000000 > >> modifiersName: cn=Manager,dc=pavouk,dc=cz > >> modifyTimestamp: 20050927125727Z > >> > >> > >> > >> > >> Dne 7.4.2010 16:14, GG napsal(a): > >> > Hello Vladimir and anyone else reading :-) ! > >> > > >> > Attaching these files: > >> > > >> > - gg-edited.ldif > >> > - slapd.conf.destination.txt > >> > - slapd.conf.source.txt > >> > - ldap.conf.destination.txt > >> > - ldap.conf.source.txt > >> > - slapadd-ing.LOG this was the log while importing ldif > >> > > >> > > >> > NET SID ETC > >> > net setlocalsid > > S-1-5-21-1168...........-..................-...............2 > >> > net setdomainsid > > S-1-5-21-1168...........-..................-...............1 > >> > > >> > does net setlocal and domain sid have sense or should it be > >> > net setdomainsid > >> > twice with different sids? > >> > > >> > Thanks very much! > >> > > >> > Giorgio > >> > > >> > On 4/6/10, Vladimir Psenicka <vladimir.pseni...@prodeco.cz > > <mailto:vladimir.pseni...@prodeco.cz>> wrote: > >> >> Hi Gorgio > >> >> > >> >> Dne 2.4.2010 17:01, GG napsal(a): > >> >>> Hi all, > >> >>> > >> >>> So I have > >> >>> openldap2-2.1.12-74 > >> >>> samba-2.2.7a-72 > >> >>> > >> >>> I would like to migrate this existing PDC service to a new server and > >> >>> to current production / stable releases (especially for windows 7 > >> >>> joining to the domain). > >> >>> > >> >>> New server is Debian Lenny stable. > >> >>> > >> >>> I have exported the domain SID, and ldap.ldif > >> >>> > >> >>> Now lets get down to it :-) > >> >>> Before importing should I do something about organizational units > > and so? How? > >> >>> > >> >>>> Import only data to LDAP no configs (slapcat->slapadd) > >> >>> slapadd -c -l slapcat.ldif > >> >>> I did this but attached errors showed up. > >> >>> > >> >>> Error, entries missing! > >> >>> entry 3: dc=people,dc=ExampleDomain,dc=it > >> >>> entry 4: dc=groups,dc=people,dc=ExampleDomain,dc=it > >> >> > >> >> Can you post first 100 lines of your ldif you try to import? You > >> >> probably missing some base ldif. > >> >> > >> >>> > >> >>> > >> >>> I know nothing about ldap, but my ldap is probably missing some pre > >> >>> required settings ? :-/ > >> >>> > >> >> > >> >> Can you post slapd.conf also? > >> >> > >> >> > >> >>> Cheers! > >> >>> Giorgio > >> >>> > >> >>>> Configs yes, live data no, but if you have ldap it *should* be > > enough to > >> >>>> import ldif from old server, configure samba to use ldap and run > > smbpasswd > >> >>>> -W to store ldap admin dn pass to secrets.tdb. After that you can > > test if > >> >>>> samba see imported users in ldap (pdbedit -L). > >> >>> > >> >>> > >> >>> > >> >>> > >> >>> > >> >>> > >> >>> On 3/27/10, Vladimir Psenicka <vladimir.pseni...@prodeco.cz > > <mailto:vladimir.pseni...@prodeco.cz>> wrote: > >> >>>> On Fri, 26 Mar 2010 15:32:50 +0100, GG <joj...@gmail.com > > <mailto:joj...@gmail.com>> wrote: > >> >>>>> wow I made it! > >> >>>>> > >> >>>>> I copied net and all the libs it complained about from another suse > >> >>>>> server which was not missing it :-) > >> >>>>> > >> >>>>> [2010/03/26 15:07:37, 0] param/loadparm.c:map_parameter(2435) > >> >>>>> Unknown parameter encountered: "domain admin group" > >> >>>>> [2010/03/26 15:07:37, 0] param/loadparm.c:lp_do_parameter(3125) > >> >>>>> Ignoring unknown parameter "domain admin group" > >> >>>>> SID for domain ThisIsLikeTheHostNameOrMaybeAtestDomain??? > >> >>>>> is: S-1-5-21-1bla bla > >> >>>>> SID for domain THISISMYDOMAIN is: S-1-5-other-bla bla > >> >>>>> > >> >>>>> Which shall I import? > >> >>>>> > >> >>>> > >> >>>> Import both for sure:-). First is localsid, second is domainsid > >> >>>> > >> >>>>> So now back to mail number 2 :-) > >> >>>>> > >> >>>>> LDAP: I exported ldif :-) now > >> >>>>> I copied /etc/groups passwd shadow aliases > >> >>>>> > >> >>>>> now on the new server: > >> >>>>> > >> >>>>> how do I import LDAP and all its configs, > >> >>>>> samba and all its configs are only in smb.conf? > >> >>>>> > >> >>>> Import only data to LDAP no configs (slapcat->slapadd) > >> >>>> Configs yes, live data no, but if you have ldap it *should* be > > enough to > >> >>>> import ldif from old server, configure samba to use ldap and run > > smbpasswd > >> >>>> -W to store ldap admin dn pass to secrets.tdb. After that you can > > test if > >> >>>> samba see imported users in ldap (pdbedit -L). > >> >>>> > >> >>>>> :-) > >> >>>>> Giorgio > >> >>>>> > >> >>>>> > >> >>>>> > >> >>>>> On 3/26/10, Vladimir Psenicka <vladimir.pseni...@prodeco.cz > > <mailto:vladimir.pseni...@prodeco.cz>> wrote: > >> >>>>>> Paste ldap admin dn or ldap suffix in your smb.conf > >> >>>>>> > >> >>>>>> Dne 26.3.2010 15:24, Vladimir Psenicka napsal(a): > >> >>>>>>> try this: > >> >>>>>>> > >> >>>>>>> ldapsearch -x -h localhost -D "cn=Manager,dc=WORKGROUP,dc=it" > > -W -b > >> >>>>>>> "sambaDomainName=WORKGROUP,dc=WORKGROUP,dc=it" > >> >>>>>>> > >> >>>>>>> Dne 26.3.2010 15:00, GG napsal(a): > >> >>>>>>>> Hello! > >> >>>>>>>> > >> >>>>>>>> I'm stuck on getdomainsid: Net command is missing even though > > libs > >> >>>> and > >> >>>>>>>> smbclient are installed. > >> >>>>>>>> > >> >>>>>>>> I tried this: > >> >>>>>>>> # ldapsearch -x -h localhost -D "cn=Manager,dc=domain,dc=it" > > -W -b > >> >>>>>>>> "sambaDomainName=WORKGROUP,dc=domain,dc=it" > >> >>>>>>>> Enter LDAP Password: > >> >>>>>>>> # extended LDIF > >> >>>>>>>> # > >> >>>>>>>> # LDAPv3 > >> >>>>>>>> # base <sambaDomainName=WORKGROUP,dc=domain,dc=it> with scope sub > >> >>>>>>>> # filter: (objectclass=*) > >> >>>>>>>> # requesting: ALL > >> >>>>>>>> # > >> >>>>>>>> > >> >>>>>>>> # search result > >> >>>>>>>> search: 2 > >> >>>>>>>> result: 34 Invalid DN syntax > >> >>>>>>>> text: invalid DN > >> >>>>>>>> > >> >>>>>>>> # numResponses: 1 > >> >>>>>>>> > >> >>>>>>>> So: I'm not sure what is > > sambaDomainName=domain,dc=domain,dc=it... > >> >>>>>>>> I used WORKGROUP as it is the domain we use on pcs and the > > only one > >> >>>>>>>> defined in smb.conf > >> >>>>>>>> > >> >>>>>>>> I also tried using my pdc HOSTNAME > >> >>>>>>>> > >> >>>>>>>> and this was returned > >> >>>>>>>> # LDAPv3 > >> >>>>>>>> # base <sambaDomainName=hostname,dc=domain,dc=it> with scope sub > >> >>>>>>>> # filter: (objectclass=*) > >> >>>>>>>> # requesting: ALL > >> >>>>>>>> # > >> >>>>>>>> > >> >>>>>>>> # search result > >> >>>>>>>> search: 2 > >> >>>>>>>> result: 34 Invalid DN syntax > >> >>>>>>>> text: invalid DN > >> >>>>>>>> > >> >>>>>>>> # numResponses: 1 > >> >>>>>>>> > >> >>>>>>>> Any way to get through this or how to use net command? Maybe > >> >>>> updating > >> >>>>>>>> samba-client? > >> >>>>>>>> > >> >>>>>>>> I tried rpm -i samba-client but it says > >> >>>>>>>> file /usr/share/man/man1/smbclient.1.gz from install of > >> >>>>>>>> samba-client-2.2.12-1.suse82 conflicts with file from package > >> >>>>>>>> samba-client-2.2.7a-72 when trying to rpm -i > >> >>>> samba-client-2.2.12-1.rpm > >> >>>>>>>> > >> >>>>>>>> I found also the original package but it says it is already > >> >>>> installed. > >> >>>>>>>> > >> >>>>>>>> What happens if I remove samba-client and reinstall it soon > > after on > >> >>>>>>>> the production pdc? > >> >>>>>>>> > >> >>>>>>>> > >> >>>>>>>> Giorgio > >> >>>>>>>> > >> >>>>>>>> On 3/26/10, Vladimir Psenicka <vladimir.pseni...@prodeco.cz > > <mailto:vladimir.pseni...@prodeco.cz>> wrote: > >> >>>>>>>>> Dne 26.3.2010 13:50, GG napsal(a): > >> >>>>>>>>>> Hello! > >> >>>>>>>>>> > >> >>>>>>>>>>>> Have you samba-client package installed? > >> >>>>>>>>>>>> > >> >>>>>>>>>> > >> >>>>>>>>>> yes I do at least smbclient is there! but no net command :-/ > >> >>>>>>>>>> > >> >>>>>>>>>>>> pavouk\pseni...@psenicka:~> rpm -qf `which net` > >> >>>>>>>>>>>> samba-client-3.5.1-4.1.x86_64 > >> >>>>>>>>>> > >> >>>>>>>>>> So here are the issues encountered... > >> >>>>>>>>>> file /usr/share/man/man1/smbclient.1.gz from install of > >> >>>>>>>>>> samba-client-2.2.12-1.suse82 conflicts with file from package > >> >>>>>>>>>> samba-client-2.2.7a-72 when trying to rpm -i > >> >>>>>>>>>> samba-client-2.2.12-1.rpm > >> >>>>>>>>>> I found on net... > >> >>>>>>>>>> > >> >>>>>>>>>>>> > >> >>>>>>>>>>>> or you can dig domainsid from ldap > >> >>>>>>>>>> > >> >>>>>>>>>> This sounds interesting! How do I do that? > >> >>>>>>>>>> > >> >>>>>>>>> > >> >>>>>>>>> modify to your needs (domain): > >> >>>>>>>>> > >> >>>>>>>>> ldapsearch -x -h ldap -D "cn=admin,dc=domain,dc=cz" -W -b > >> >>>>>>>>> "sambaDomainName=domain,dc=domain,dc=cz" > >> >>>>>>>>> > >> >>>>>>>>> sambaSID: is your domainsid > >> >>>>>>>>> > >> >>>>>>>>> or you can use phpldapadmin to manage you ldap from browser > >> >>>>>>>>> > >> >>>>>>>>>> Thanks very much! > >> >>>>>>>>>> Giorgio > >> >>>>>>>>>> > >> >>>>>>>>>> On 3/26/10, GG <joj...@gmail.com <mailto:joj...@gmail.com>> > > wrote<script > >> >>>> type="text/javascript" > >> >>>> > > src="https://mail.prodeco.cz/roundcube/program/js/tiny_mce/themes/advanced/langs/cs.js?s=1240817786"></script>: > >> >>>>>>>>>>> Hi! > >> >>>>>>>>>>> > >> >>>>>>>>>>> I'll be at it in a few minutes installing samba client / net > >> >>>>>>>>>>> command :-) > >> >>>>>>>>>>> > >> >>>>>>>>>>> I have a question about the samba sernet repos: > >> >>>>>>>>>>> Shall I apt-get remove samba and use > >> >>>>>>>>>>> http://enterprisesamba.com/index.php?id=148 + > >> >>>>>>>>>>> http://enterprisesamba.com/index.php?id=56 > >> >>>>>>>>>>> instead from start? > >> >>>>>>>>>>> > >> >>>>>>>>>>> What is the real advantage of sernet? What about installing > >> >>>>>>>>>>> official > >> >>>>>>>>>>> samba.org <http://samba.org> packages, are there > > differences with sernet > >> >>>> (stability?) > >> >>>>>>>>>>> or > >> >>>>>>>>>>> is it just a more liberal repository? > >> >>>>>>>>>>> > >> >>>>>>>>>>> Also I read > >> >>>>>>>>>>>>>> Ensure that all local user and group accounts that are > > used by > >> >>>>>>>>>>>>>> samba > >> >>>>>>>>>>>>>> have the same uid/gid. > >> >>>>>>>>>>> > >> >>>>>>>>>>> Shall I copy /etc/shadow and /etc/passwd over? other files for > >> >>>>>>>>>>> groups > >> >>>>>>>>>>> and users? > >> >>>>>>>>>>> > >> >>>>>>>>>>> I use rsync --verbose --progress --stats --compress > > --rsh=ssh \ > >> >>>>>>>>>>> --recursive --times --perms --links \ > >> >>>>>>>>>>> --owner --group --devices --specials \ > >> >>>>>>>>>>> --exclude-from '/root/exclude.txt (if any, not in > > this case > >> >>>> as > >> >>>>>>>>>>> I'm only syncing data dir)' \ > >> >>>>>>>>>>> r...@old_pdc:/DATA /DATA > >> >>>>>>>>>>> > >> >>>>>>>>>>> This should bring over every attribute set on files... > > correct? > >> >>>>>>>>>>> > >> >>>>>>>>>>> [[[did only partially in one case: I set up a twin install > > (fresh > >> >>>>>>>>>>> install then live cd and full rsync and after that I kept mbr, > >> >>>> but > >> >>>>>>>>>>> changed /boot and the /ect/fstab settings) and the server > > started > >> >>>>>>>>>>> etc.. LDAP did not work though: authentication was not > >> >>>> available... > >> >>>>>>>>>>> So I must be missing something or this rsync parameter set > > must > >> >>>> be > >> >>>>>>>>>>> missing something.. I had disconnected old PDC, set same > > IP and > >> >>>>>>>>>>> hostname to the VM well this worked well for other > >> >>>> virtualizations > >> >>>>>>>>>>> and > >> >>>>>>>>>>> in this PDC I need to upgrade to win7 compatible samba version > >> >>>>>>>>>>> anyway > >> >>>>>>>>>>> :-) > >> >>>>>>>>>>> This was another story but just to share it as it is an > > excellent > >> >>>>>>>>>>> way > >> >>>>>>>>>>> of migrating sometimes specially for machines you do not > > master > >> >>>> and > >> >>>>>>>>>>> this is my case very often.]]] > >> >>>>>>>>>>> > >> >>>>>>>>>>> Cheers, > >> >>>>>>>>>>> Giorgio > >> >>>>>>>>>>> > >> >>>>>>>>>>> On Fri, Mar 26, 2010 at 9:14 AM, Vladimir Psenicka > >> >>>>>>>>>>> <vladimir.pseni...@prodeco.cz > > <mailto:vladimir.pseni...@prodeco.cz>> wrote: > >> >>>>>>>>>>>> Hi > >> >>>>>>>>>>>> > >> >>>>>>>>>>>> Dne 25.3.2010 17:41, GG napsal(a): > >> >>>>>>>>>>>>> Hello Vladimir, John and all the NG :-) > >> >>>>>>>>>>>>> Thanks so much for answering. I really hoped someone > > would :-) > >> >>>>>>>>>>>>> > >> >>>>>>>>>>>>> So I installed Debian latest stable netinst on the future > >> >>>>>>>>>>>>> production > >> >>>>>>>>>>>>> server and here are my issues in the quotes :-( no net > > command > >> >>>>>>>>>>>>> on my > >> >>>>>>>>>>>>> suse 8.2 > >> >>>>>>>>>>>>> > >> >>>>>>>>>>>>> Cheers :-) > >> >>>>>>>>>>>>> Giorgio > >> >>>>>>>>>>>>> > >> >>>>>>>>>>>>> > >> >>>>>>>>>>>>>> On Thu, Mar 25, 2010 at 14:00, John H Terpstra > > <*...@samba.org <http://samba.org>> > >> >>>>>>>>>>>>>> wrote: > >> >>>>>>>>>>>>>>> On 03/25/2010 03:33 AM, Vladimir Psenicka wrote: > >> >>>>>>>>>>>>>>> What about Debian Stable with Sernet samba repo, where you > >> >>>> can > >> >>>>>>>>>>>>>>> choose > >> >>>>>>>>>>>>>>> Samba 3.4.x or 3.5.x > >> >>>>>>>>>>>>>>> > >> >>>>>>>>>>>>>>> My hints on migrating to new server: > >> >>>>>>>>>>>>>>> > >> >>>>>>>>>>>>>>> 1. install new server (Samba,ldap etc.) > >> >>>>>>>>>>>>> > >> >>>>>>>>>>>>> done :-) Debian Stable netinst > >> >>>>>>>>>>>>> > >> >>>>>>>>>>>>>>> 2. set same hostname on new server > >> >>>>>>>>>>>>> My ignorance comes out :-) > >> >>>>>>>>>>>>> Must I set it different from the production server as FW > > points > >> >>>>>>>>>>>>> production.domain.com <http://production.domain.com> - I > > have clients using DNS=oldPDC and PDC > >> >>>>>>>>>>>>> forwards queries to FW. FW has pdc.domain.com > > <http://pdc.domain.com> defined to point > >> >>>>>>>>>>>>> to lan > >> >>>>>>>>>>>>> ip. > >> >>>>>>>>>>>>> > >> >>>>>>>>>>>> > >> >>>>>>>>>>>> Ok, can be changed later > >> >>>>>>>>>>>> > >> >>>>>>>>>>>>>>> 3. export ldap data from old server and import them to new > >> >>>>>>>>>>>>>>> server > >> >>>>>>>>>>>>> > >> >>>>>>>>>>>>> slapcat -f /etc/openldap/ldap.conf -l /ldap.ldif > >> >>>>>>>>>>>>> OK > >> >>>>>>>>>>>>> > >> >>>>>>>>>>>>>> Ensure that all local user and group accounts that are > > used by > >> >>>>>>>>>>>>>> samba > >> >>>>>>>>>>>>>> have the same uid/gid. > >> >>>>>>>>>>>>> my ignorance again... another hint? > >> >>>>>>>>>>>>>> > >> >>>>>>>>>>>>>>> 4. export SID (net getlocalsid) and set it on new > > server (net > >> >>>>>>>>>>>>>>> setlocalsid oldsid) > >> >>>>>>>>>>>>>> > >> >>>>>>>>>>>>>> Note: > >> >>>>>>>>>>>>>> net getdomainsid (on old server) > >> >>>>>>>>>>>>>> net setdomainsid (on new server) > >> >>>>>>>>>>>>> thanks :-) > >> >>>>>>>>>>>>> > >> >>>>>>>>>>>>> # net getdomainsid > >> >>>>>>>>>>>>> -bash: net: command not found :-( and not found in yast > >> >>>>>>>>>>>>> > >> >>>>>>>>>>>>> I understand it has to do with extracting the sid from > >> >>>>>>>>>>>>> /etc/samba/secrets.tdb but how do I install the command? > > suse > >> >>>>>>>>>>>>> 8.2 yast > >> >>>>>>>>>>>>> has now net package and googling net is.. well wow! > >> >>>>>>>>>>>>> > >> >>>>>>>>>>>> > >> >>>>>>>>>>>> Have you samba-client package installed? > >> >>>>>>>>>>>> > >> >>>>>>>>>>>> pavouk\pseni...@psenicka:~> rpm -qf `which net` > >> >>>>>>>>>>>> samba-client-3.5.1-4.1.x86_64 > >> >>>>>>>>>>>> > >> >>>>>>>>>>>> or you can dig domainsid from ldap > >> >>>>>>>>>>>> > >> >>>>>>>>>>>>>>> 5. configure samba on new server as PDC with ldap and > > shares > >> >>>>>>>>>>>>>>> in smb.conf > >> >>>>>>>>>>>>>>> from old samba smb.conf (check with testparm) > >> >>>>>>>>>>>>> > >> >>>>>>>>>>>>> I see it only contains shares so I bet smb.conf would > > just keep > >> >>>>>>>>>>>>> all > >> >>>>>>>>>>>>> the old settings rigth? /DATA will be rsynced > >> >>>>>>>>>>>>> > >> >>>>>>>>>>>> > >> >>>>>>>>>>>> Maybe smb.conf from Samba2 is too different from Samba 3. > > I will > >> >>>>>>>>>>>> keep > >> >>>>>>>>>>>> current smb.conf on new server and add only shares from old > >> >>>>>>>>>>>> smb.conf to > >> >>>>>>>>>>>> new smb.conf. > >> >>>>>>>>>>>> > >> >>>>>>>>>>>>>>> 6. stop samba on old server > >> >>>>>>>>>>>>>>> 7. copy all data (with perms) and netlogon share to new > >> >>>> server > >> >>>>>>>>>>>>>>> 8. stop old server > >> >>>>>>>>>>>>>>> 9. start samba on new server a check everything is working > >> >>>>>>>>>>>>>>> fine (domain > >> >>>>>>>>>>>>>>> logon from windows box, shares and perms) > >> >>>>>>>>>>>>>>> > >> >>>>>>>>>>>>>>> This can be done best when no users are logged in samba > >> >>>> (maybe > >> >>>>>>>>>>>>>>> at weekend?) > >> >>>>>>>>>>>>>>> > >> >>>>>>>>>>>>>>> P.S. We have ubuntu 8.04 as PDC and Windows 7 can't > > join to > >> >>>>>>>>>>>>>>> domain > >> >>>>>>>>>>>>> > >> >>>>>>>>>>>>> thanks I move to Debian with ease :-) ubuntu is a great deb > >> >>>>>>>>>>>>> derived right? > >> >>>>>>>>>>>>> > >> >>>>>>>>>>>> Ubuntu 8.04 LTS is now older than Debian Stable. When Ubuntu > >> >>>>>>>>>>>> 10.04 LTS > >> >>>>>>>>>>>> comes out this will be no longer truth. > >> >>>>>>>>>>>> > >> >>>>>>>>>>>>>> Check http://wiki.samba.org for info regarding Windows 7. > >> >>>>>>>>>>>>>> > >> >>>>>>>>>>>>>> Cheers, > >> >>>>>>>>>>>>>> John T. > >> >>>>>>>>>>>>>> > >> >>>>>>>>>>>>>>> Dne 25.3.2010 01:05, GG napsal(a): > >> >>>>>>>>>>>>>>>> Hello Vladimir and hi all, > >> >>>>>>>>>>>>>>>> > >> >>>>>>>>>>>>>>>> Thanks very much for replying! > >> >>>>>>>>>>>>>>>> > >> >>>>>>>>>>>>>>>> Any suggested os? I'd go for debian or what advised, > > I just > >> >>>>>>>>>>>>>>>> happen to > >> >>>>>>>>>>>>>>>> know ubuntu more... > >> >>>>>>>>>>>>>>>> > >> >>>>>>>>>>>>>>>> > >> >>>>>>>>>>>>>>>> Any strategy or hint on migrating from ancient ldap + > > samba > >> >>>>>>>>>>>>>>>> to a new server? > >> >>>>>>>>>>>>>>>> Already tried rsyncing (using all options to keep > > perms and > >> >>>>>>>>>>>>>>>> attributes > >> >>>>>>>>>>>>>>>> grp own mod etc) on a twin v-machine but server > > starts and > >> >>>>>>>>>>>>>>>> the ldap > >> >>>>>>>>>>>>>>>> auth fails to work :-( > >> >>>>>>>>>>>>>>>> > >> >>>>>>>>>>>>>>>> I'm a bit stuck at the moment :-( and I have posponed the > >> >>>>>>>>>>>>>>>> problem for > >> >>>>>>>>>>>>>>>> too long grrr > >> >>>>>>>>>>>>>>>> > >> >>>>>>>>>>>>>>>> Giorgio > >> >>>>>>>>>>>>>>>> > >> >>>>>>>>>>>>>>>> On Wed, Mar 24, 2010 at 9:20 AM, Vladimir Psenicka > >> >>>>>>>>>>>>>>>> <vladimir.pseni...@prodeco.cz > > <mailto:vladimir.pseni...@prodeco.cz>> wrote: > >> >>>>>>>>>>>>>>>>> Dne 23.3.2010 15:48, Giorgio napsal(a): > >> >>>>>>>>>>>>>>>>>> Hello, > >> >>>>>>>>>>>>>>>>>> Hopefully I'm in the right place asking for help :-) > >> >>>>>>>>>>>>>>>>>> > >> >>>>>>>>>>>>>>>>>> I need to move from an old physical Suse 8.2 - > > samba 2.2.7 > >> >>>>>>>>>>>>>>>>>> + ldap - to > >> >>>>>>>>>>>>>>>>>> latest samba versions, I would like to use an > > ubuntu 8.04 > >> >>>>>>>>>>>>>>>>>> virtual machine. > >> >>>>>>>>>>>>>>>>>> > >> >>>>>>>>>>>>>>>>>> The domain is in production on the physical server, > > to be > >> >>>>>>>>>>>>>>>>>> dismissed after > >> >>>>>>>>>>>>>>>>>> migration. It is also the file server!!! so /DATA/ > > has all > >> >>>>>>>>>>>>>>>>>> shared and > >> >>>>>>>>>>>>>>>>>> permission driven file access.. > >> >>>>>>>>>>>>>>>>>> > >> >>>>>>>>>>>>>>>>>> I was following > >> >>>>>>>>>>>>>>>>>> > > https://help.ubuntu.com/8.10/serverguide/C/samba-dc.html > >> >>>> but > >> >>>>>>>>>>>>>>>>>> I realize I am in a different scenario... > >> >>>>>>>>>>>>>>>>>> > >> >>>>>>>>>>>>>>>>>> Production so no errors are admitted :-(, migration > > to new > >> >>>>>>>>>>>>>>>>>> os and versions.. > >> >>>>>>>>>>>>>>>>>> all at once? > >> >>>>>>>>>>>>>>>>>> > >> >>>>>>>>>>>>>>>>>> I have a dump of the physical server (dd sda mbr and > >> >>>> single > >> >>>>>>>>>>>>>>>>>> partitions :) > >> >>>>>>>>>>>>>>>>>> plus an rsync with all permissions daily backup, > > just to > >> >>>> be > >> >>>>>>>>>>>>>>>>>> safe ;) > >> >>>>>>>>>>>>>>>>>> > >> >>>>>>>>>>>>>>>>>> > >> >>>>>>>>>>>>>>>>>> What would you guru's suggest as a strategy? > >> >>>>>>>>>>>>>>>>>> > >> >>>>>>>>>>>>>>>>>> Can I create a new server and add it as secondary > > domain > >> >>>>>>>>>>>>>>>>>> controller and then > >> >>>>>>>>>>>>>>>>>> once the replica is up? I'd feel quite comfortable with > >> >>>>>>>>>>>>>>>>>> this method. > >> >>>>>>>>>>>>>>>>>> > >> >>>>>>>>>>>>>>>>>> BTW I need a new version of samba as they have already > >> >>>>>>>>>>>>>>>>>> bought Windows 7 > >> >>>>>>>>>>>>>>>>>> boxes (without asking if they were supported arrgh). > >> >>>>>>>>>>>>>>>>>> > >> >>>>>>>>>>>>>>>>>> Thanks to all of you who read or answered :-) > >> >>>>>>>>>>>>>>>>>> > >> >>>>>>>>>>>>>>>>>> Gio > >> >>>>>>>>>>>>>>>>> > >> >>>>>>>>>>>>>>>>> Hi. > >> >>>>>>>>>>>>>>>>> > >> >>>>>>>>>>>>>>>>> Ubuntu 8.10 is bad idea if you will be connecting > > Windows 7 > >> >>>>>>>>>>>>>>>>> into domain, > >> >>>>>>>>>>>>>>>>> because of old Samba version. Samba 3.4.x or 3.5.x is > >> >>>>>>>>>>>>>>>>> recommended for > >> >>>>>>>>>>>>>>>>> Win7. Wait for Ubuntu 10.04 LTS (next month) if you want > >> >>>>>>>>>>>>>>>>> Ubuntu. > >> >>>>>>>>>>>>>>>>> > >> >>>>>>>>>>>>>>>>> -- > >> >>>>>>>>>>>>>>>>> Vladimir Psenicka > >> >>>>>>>>>>>>>>>>> -- > >> >>>>>>>>>>>>>>>>> To unsubscribe from this list go to the following > > URL and > >> >>>>>>>>>>>>>>>>> read the > >> >>>>>>>>>>>>>>>>> instructions: > >> >>>> https://lists.samba.org/mailman/options/samba > >> >>>>>>>>>>>>>>>>> > >> >>>>>>>>>>>>>>> > >> >>>>>>>>>>>>>>> > >> >>>>>>>>>>>>>> > >> >>>>>>>>>>>>>> -- > >> >>>>>>>>>>>>>> To unsubscribe from this list go to the following URL > > and read > >> >>>>>>>>>>>>>> the > >> >>>>>>>>>>>>>> > > instructions: https://lists.samba.org/mailman/options/samba > >> >>>>>>>>>>>> > >> >>>>>>>>>>>> > >> >>>>>>>>>>>> -- > >> >>>>>>>>>>>> Vladimir Psenicka > >> >>>>>>>>>>>> IT system engineer > >> >>>>>>>>>>>> PRODECO, a.s. > >> >>>>>>>>>>>> Tel.: 417 633 762 > >> >>>>>>>>>>>> -- > >> >>>>>>>>>>>> To unsubscribe from this list go to the following URL and > > read > >> >>>> the > >> >>>>>>>>>>>> instructions: https://lists.samba.org/mailman/options/samba > >> >>>>>>>>>>>> > >> >>>>>>>>>>> > >> >>>>>>>>> > >> >>>>>>>>> > >> >>>>>>>>> -- > >> >>>>>>>>> Vladimir Psenicka > >> >>>>>>>>> IT system engineer > >> >>>>>>>>> PRODECO, a.s. > >> >>>>>>>>> Tel.: 417 633 762 > >> >>>>>>>>> -- > >> >>>>>>>>> To unsubscribe from this list go to the following URL and > > read the > >> >>>>>>>>> instructions: https://lists.samba.org/mailman/options/samba > >> >>>>>>>>> > >> >>>>>>> > >> >>>>>>> > >> >>>>>> > >> >>>>>> > >> >>>>>> -- > >> >>>>>> Vladimir Psenicka > >> >>>>>> IT system engineer > >> >>>>>> PRODECO, a.s. > >> >>>>>> Tel.: 417 633 762 > >> >>>>>> -- > >> >>>>>> To unsubscribe from this list go to the following URL and read the > >> >>>>>> instructions: https://lists.samba.org/mailman/options/samba > >> >>>>>> > >> >>>> -- > >> >>>> To unsubscribe from this list go to the following URL and read the > >> >>>> instructions: https://lists.samba.org/mailman/options/samba > >> >>>> > >> >> > >> >> > >> >> -- > >> >> Vladimir Psenicka > >> >> IT system engineer > >> >> PRODECO, a.s. > >> >> Tel.: 417 633 762 > >> >> > >> > >> > >> -- > >> Vladimir Psenicka > >> IT system engineer > >> PRODECO, a.s. > >> Tel.: 417 633 762 > >> > > > > > > > -- > Vladimir Psenicka > IT system engineer > PRODECO, a.s. > Tel.: 417 633 762 > -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba