-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
I'd be happy to do so, it may take me a while to obfuscate the password hashes suitably and stuff, but perhaps end of day tommorow I could have it done, I'll post diag info on bugzilla when it's all set.
Regards
Eric
John H Terpstra wrote: | On Wednesday 21 July 2004 23:21, Eric J Bennett wrote: | |>I'm trying to do the exact same thing out here, it's tricky, even after |>reading the manual rather thoroughly, I got to the stage where we |>vampire'd over all the account info successfully, but the vampire didn't |>copy the password information for the machine accounts, and thus people |>cannot log on. | | | We are aware of this problem. It does not affect every site but on those that | it does the problem is significant. I'm sorry to say that we do not have a | solution at this time. It would help if you can capture the entire process | using ethereal as well as a level 10 debug trace of the activity and then | post a bug report on bugzilla.samba.org. So far we have not been able to | capture sufficient information to catch what is glitching. | | Andrew Bartlett may be able to comment when he sees the debug info. | | - John T. | | |>I've posted to this list about it a couple of times before, but noone |>has answered, I don't know if this is just an accepted bug or I'm |>screwing something up, still trying to hack through the smbldap-useradd |>script in the machine adding section, which is my best guess as to where |>the actual problem is. |> |>Cheers |> |>Eric |> |>Jeff McWilliams wrote: |>| I'm helping out a small office upgrade their NT 4 PDC to Samba. It's |> |>a small |> |>| office of 6 people, so tdbsam is being used. They keep having tape backup |>| issues |>| and other problems, so one of the reasons for the Samba migration is |> |>to allow |> |>| me |>| to SSH into their box and remotely administer it from home on |>| evenings/weekends. |>| |>| |>| |>| Currently I'm testing the move using two dummy machines, and some |> |>Windows 2000 |> |>| clients running under VMWare. |>| |>| Following the Samba Guide, my plan was as follows: |>| |>| Existing Windows NT machine is called DellDC. |>| Temporary machine is called TempDC |>| |>| 1. Create a Linux based, Samba BDC named TempDC that joins the NT |> |>domain, then |> |>| following the instructions in chapters 5 and 8 of the Samba-Guide, |> |>vampire the |> |>| accounts database off of DellDC and promote TempDC to a PDC. |>| |>| 2. Shutdown DellDC, and reload with Linux, configuring Samba as a BDC. |>| Following the same approach, re-join DellDC to NT domain as a BDC, and |> |>using |> |>| net rpc vampire, vampire accounts database off of TempDC and promote |> |>DellDC to |> |>| PDC. |>| |>| 3. Shutdown TempDC for good. |>| |>| |>| In my simulation environment, I created a similar set of machines. |> |>One is NT |> |>| 4.0 server and the other is Debian Linux (testing, sarge) with the |> |>latest Samba |> |>| 3.0.4. My samba configuration files are almost exactly as shown in the |>| Samba-Guide with the exception of printer shares and the fictional shared |>| folders. |>| |>| Step 1 goes fine. I was able to join TempDC to the domain hosted by |> |>NT4 on |> |>| DellDC, vampire the accounts off of DellDC, and promote TempDC to |> |>Primary DC |> |>| status. After this I turned off DellDC and reloaded it with Debian |> |>Linux and |> |>| Samba. |>| |>| Step 2 fails. I reload DellDC with Linux, and successfully join the |> |>domain. |> |>| Groupmaps are successfully created as directed in the guide, as |> |>before. I even |> |>| made sure /etc/passwd and /etc/group are the same on both the Linux |> |>PDC and the |> |>| Linux BDC that I'm trying to promote. However, 'net rpc vampire' fails. |>| |>| The output is: |>| DellDC:/etc/samba# net rpc vampire -S TempDC |>| Fetching DOMAIN database |>| Failed to fetch domain database: NT_STATUS_UNSUCCESSFUL |>| |>| |>| Is there another approach or did I configure something incorrectly? |> |>Given a |> |>| successfully running Samba 3.0 PDC using tdbsam, how can I migrate the |>| PDC responsibilities from the existing Linux box to another? |>| |>| I'd imagine this scenario comes up often as people upgrade server |>| hardware on PDCs without losing all the existing domain settings. |>| |>| Can anyone help me? |>| |>| Many thanks, |>| |>| Jeff McWilliams | | -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.3 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org
iD8DBQFA/2hP3xh0GTRQuR4RAu/YAJ9DUhKdvkEip+nLAurhW0kPhaVw+gCfUdv0 HntHgUm+qJnYGDOu/EINu28= =HGG7 -----END PGP SIGNATURE----- -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
