Hello everyone, I have two domains, let's call them D1 and D2.
D1 is: - heavily modified, cumbersome, Linux RH 7.3 based, - samba 2.2 based, - using the old LDAP samba schema, - implementing Unix services/Windows logon SSO via the means of the LDAP schema with Kerberos added in the picture. D2 is: - stock, clean Linux RHEL4 based, - Samba 3.0.11 based, - using the newer Samba SAM LDAP schema, managed with smbldap-tools, - void of Kerberos (yay!) since LDAP now handles Unix auth. Both domains work fine. But D1 is frankly a mess, and I want to migrate everything to D2. That implies not only moving D1 accounts to D2, but also changing the login names, since we now have a naming convention which didn't exist before. Keeping the passwords of existing accounts, however, is NOT required. Bare copying of user profiles and appropriate chowning don't work. That was kind of expected, of course, but I thought the differences would be minor. Hah! On the new domain, the keyboard turns qwerty, OutLook just won't start at all (for people still using OutLook, but as they're important to the company, I cannot squash the problem and say "Use Thunderbird"), some desktop preferences are just lost, the XP start menu is a mess... So, this is not the solution. I don't know that much about Windows accounts, but one thing I learned is that the SID is hugely important. As some directories/files are named after the SID in a user's profile, I figure that they are part of the problem, if not the main problem. I've googled quite a bit on the subject but maybe not with the correct vocabulary, because I couldn't find a procedure for my case. What I found out was: * you could copy over a domain user profile to a local user profile with some hacking around (local account needs admin rights in the first place, etc), but then it isn't said in the documents I read how to copy that local user profile to a(nother!) domain user profile afterwards; * there's also a trust domain relationship that sounds kind of promising, but I don't know how I could do to slurp the data from the old domain into the new, nor how I can rename the account after I've slurped it (I think modifying the account DN and other fields won't be enough). Where should I start looking? Is there already a document somewhere covering my scenario? [As a side note, I've salvaged all the Samba ML archives from http://lists.samba.org/archive/samba/ and tried and integrated them in an mbox based mailserver (Dovecot) but the files don't look like valid mboxes!] Have fun, -- Francis Galiegue, [EMAIL PROTECTED] One2team - 12bis rue de la Pierre Levée - 75011 PARIS +33683877875, +33143381980 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba