[Samba] Please help: classicupgrade not importing users

Tue, 02 Apr 2013 13:24:32 -0700

I have tried everything that I can think of, but the users are still not being imported.
I deleted and re-created the /usr/local/samba directory (using make install), I added users to the local passwd file (ypcat passwd >> /etc/passwd) and then stopped ypbind. 

Still the same. The users are not imported while the groups are.

I would really appreciate some help in getting past this step.

The transcript of my last attempt at classicupgrade can be found here:
http://pastebin.com/tP8bG5Yb


I changed the realm that I used to "a.b" and made edits to the file to 
make it consistent.



Simon

On Mon, 1 Apr 2013, simon+sa...@matthews.eu wrote:




On Tue, 2 Apr 2013, Ricky Nance wrote:


 
http://wiki.samba.org/index.php/Samba4/samba-tool/domain/classicupgrade/HOWTO<https://wiki.samba.org/index.php/Samba4/samba-tool/domain/classicupgrade/HOWTO>
 should
 help.



I have been following those instructions. I have a tdb backend, I am working 
on a VM that does not have SAMBA3 installed. The command:

# samba-tool user list
does not show my users.

Interestingly, the groups seem to be there. If I use
# samba-tool group list
I see the expected groups.

Simon





 Ricky


 On Tue, Apr 2, 2013 at 12:06 AM, Gémes Géza <g...@kzsdabas.hu> wrote:

>  2013-04-02 05:35 keltezéssel, simon+sa...@matthews.eu írta:

> 
> 
> > 
> >  On Mon, 1 Apr 2013, simon+sa...@matthews.eu wrote:
> > 
> > 
> > >  On Tue, 2 Apr 2013, Andrew Bartlett wrote:
> > > 
> > >     On Mon, 2013-04-01 at 09:26 +0200, Gémes Géza wrote:

> > > > >    2013-04-01 02:36 keltezéssel, simon+sa...@matthews.eu írta:

> > > > > >    Since I don't seem to be having any luck with the 
> > > > > >    classicupgrade,
> > > > I > >    decided to try starting from scratch and then adding 
> > > > I > >    users.

> > > > > > > >    I ran the command:

> > > > > >    /usr/local/samba/bin/samba-**tool domain provision 
> > > > > >    --realm=<my
> > > > realm>  \ > > --domain=<mydomain> --adminpass 'mypass' 
> > > > realm>  --server-role=dc  \

> > > > > >    --dns-backend=BIND9_DLZ

> > > > > > > >    Then I tried both adding and changing users. In neither 
> > > > > > > >    case
> > > >  can I > >   change the SID with pdbedit. It seems to be added with 
> > > >  a > >
> > > >  system-defined SID, irrespective of what I specify. pdbedit -v is 
> > > >  > >

> > > >  able to list the user's parameters, including the SID.

> > > > > > > >    Any suggestions? I am pretty much stuck here trying to 
> > > > > > > >    figure

> > > >  out how > >   to migrate from an existing SAMBA3 domain to SAMBA4.
> > > > > > > > >    Hi,

> > > > > >    Trying to add users one by one (preserving SID) is IMHO a 
> > > > > >    lot
> > > >  harder >   (you would probably need to ldbmodify the user record 
> > > >  of each
> > > >  one) to >   do, than fixing your samba3 install to have it 
> > > >  classicupgraded.
> > > > 
> > > >    Indeed.  The only way to safely import a list of users who 
> > > >  already

> > > >  have
> > > >    SIDs is to migrate them to Samba 4.0's AD DC using one of the
> > > >  supported
> > > >    migration tools.

> > > > 
> > > >    These are 'samba-tool domain join dc' and 'samba-tool domain

> > > >    classicupgrade'.

> > > > 
> > > 
> > >  Perhaps I need to address why the "classicupgrade" did not work. I 
> > >  see
> > >  now that I did not pass the --dbdir option when running it before. 
> > >  I'll try

> > >  again.

> > > 
> > > 
> >  I went back to trying to get the classicupgrade to work:

> >  /usr/local/samba/bin/samba-**tool domain classicupgrade  \
> >  --dbdir=/var/lib/samba/ --dbdir=/var/lib/samba/ --realm=a.b  \
> >  /etc/samba/smb.conf --use-xattrs=yes

> > 
> >  For the realm, I used a subdomain of one of the two existing dns 
> >  domains
> >  in the LAN. It appears to be processing the information from the old 
> >  domain

> >  tdb files, although I see some errors:

> >  Cannot open idmap database, Ignoring: [Errno 2] No such file or 
> >  directory

> >  Importing groups

> >  Could not add group name=Remote Desktop Users ((68, "samldb: Account 
> >  name

> >  (sAMAccountName) 'Remote Desktop Users' already in use!"))

> >  Could not modify AD idmap entry for 
> >  sid=S-1-5-21-4254857281-**3346836279-4152649156-555,
> >  id=5077, type=ID_TYPE_GID ((32, "Base-DN 
> >  '<SID=S-1-5-21-4254857281-**3346836279-4152649156-555>'

> >  not found"))

> >  Could not add posix attrs for AD entry for 
> >  sid=S-1-5-21-4254857281-**3346836279-4152649156-555,

> >  ((32, "Base-DN '<SID=S-1-5-21-4254857281-**3346836279-4152649156-555>'
> >  not found"))

> >  Group already exists 
> >  sid=S-1-5-21-4254857281-**3346836279-4152649156-512,

> >  groupname=Domain Admins existing_groupname=Domain Admins, Ignoring.

> > 
> >  However, after this, all I get from pdbedit -L is:

> >  # pdbedit -L
> >  RAIDSERVER$:4294967295:
> >  Administrator:4294967295:
> >  [root@samba ~]# pdbedit -L
> >  RAIDSERVER$:4294967295:
> >  Administrator:4294967295:
> >  krbtgt:4294967295:--dbdir=/**var/lib/samba/ --realm=a.b
> >  /etc/samba/smb.confnobody:99:**Nobody

> > 
> >  Any ideas? What information might help debug this?
> > 
> >  Simon
> > 
> > 
> >   Could this happen because pdbedit is from the samba3 install?
> 
>  I recommend doing upgrade on a new box/virtual machine where no samba3 
>  is

>  installed, and copying the tdb files to the new box.

> 
>  Regards
> 
>  Geza Gemes
> 
>  --

>  To unsubscribe from this list go to the following URL and read the

>  instructions: 
>  https://lists.samba.org/**mailman/options/samba<https://lists.samba.org/mailman/options/samba>
> 




 --
 --
 To unsubscribe from this list go to the following URL and read the
 instructions:  https://lists.samba.org/mailman/options/samba


-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba






















					Reply via email to