Re: [Samba] Change the IP/name of the domain member server - upgrading the server
Gaiseric Vandal pisze: Maybe you should also copy the private directory from the old to the new server. That may include the machine password used by the samba server to connect to the domain. Run testparm -v on both servers. Are both servers samba version of samba? So maybe I will answer to my own question sharing my little knowledge. The old server has Samba 3.0.14 and the new one 3.5.6. What worked for me? 1. Migrated the group/user id mappings (winbind) from old to new server on old server: net idmap dump /var/lib/samba/winbindd_idmap.tdb idmap_dump.txt on new one: net idmap restore idmap_dump.txt net cache flush restart samba/winbindd Now I have the same mappings on both servers, so I don't care about migrating them. Just simple cp/tar or whatever. 2. Copy smb.conf (check it, it is upgrade anyway) 3. Copy the files tar cf - . | ssh r...@xx.xx.xx.xx 'cd /home/samba; tar xf -' 3.a surfing the web/watching films 4. For the purpose of international characters only convmv -f iso-8859-2 -t utf8 --notest -r user_files 5. Prepare the actual join of new server. on old server: net ads leave -U Administrator (as of samba 3.0.14 I had to delete the machine AD account manually) shutdown on new one: change its name (/etc/hostname, mailname...) update DHCP server (if in use) restart net ads join -U Administrator (if failed, try kdestroy its Kerberos stuff) net ads testjoin It should work. Now check (double check) if the ACLs are ok. I had some minor (quickly repaired it) problems with group rights. somehow instead of rwx I had rx only. But users had problems so the bothered me with phones ;-). The windows disk mappings worked fine if they were mapped in AD login scripts like that (most of the mapping in my situation): net use m: \\server\%UserName% /PERSISTENT:NO if they were manually mapped it required manual intervention So as you can see the only mysterious thing is transfering the group/user id mappings, and fortunately it worked as expected. I hope the it would help others with similar task. Regards P. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Change the IP/name of the domain member server
Maybe you should also copy the private directory from the old to the new server. That may include the machine password used by the samba server to connect to the domain. Run testparm -v on both servers. Are both servers samba version of samba? On 08/10/2011 02:37 PM, Piotr Legiecki wrote: Hi I have two servers: old production and new to change the old one. What is the right way to change to brand new server (with new Samba) in a way transparent to end users? Both (old and new one) servers are domain member servers. What I want to achieve is to: leave the old servers name and IP but assign them to new server. I have done almost everything, so the new server has the data, the ACLs are transfered and are ok, but when I shut down the old server, change the hostname of the new one to old one, changed the SID of the new server to the old server (using net getlocalsid/net setlocalsid xxx) and... booom. When I try to access the shares on the new server (from windows) it asks for user name/password just like the new server is not a member of the domain. So is it possible to achieve what I want? I'm not sure if other way, by using net ads leave (on new server) and then join with changed name (of the old server) would work. I'm afraid of loosing the connection to domain controler and all windows workstations would not be able to access the new server after joining. what is wors, also the old one could (?) have problems then. Looks like the trick with the changed SID is not working well. I hope someone would help me with this. Playing with windows is dangerous, some actions are not possible to undo. Regards P. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Change the IP/name of the domain member server
Hi I have two servers: old production and new to change the old one. What is the right way to change to brand new server (with new Samba) in a way transparent to end users? Both (old and new one) servers are domain member servers. What I want to achieve is to: leave the old servers name and IP but assign them to new server. I have done almost everything, so the new server has the data, the ACLs are transfered and are ok, but when I shut down the old server, change the hostname of the new one to old one, changed the SID of the new server to the old server (using net getlocalsid/net setlocalsid xxx) and... booom. When I try to access the shares on the new server (from windows) it asks for user name/password just like the new server is not a member of the domain. So is it possible to achieve what I want? I'm not sure if other way, by using net ads leave (on new server) and then join with changed name (of the old server) would work. I'm afraid of loosing the connection to domain controler and all windows workstations would not be able to access the new server after joining. what is wors, also the old one could (?) have problems then. Looks like the trick with the changed SID is not working well. I hope someone would help me with this. Playing with windows is dangerous, some actions are not possible to undo. Regards P. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba