Re: [Samba] Domain migration from 2.2.x to 3.0.x
Atrox wrote: > > > Logan Shaw wrote: >> >> 4) Make sure the new server has the same SID as the old. >> There are lots of ways of doing this, but I believe the >> one I used was to run "rpcclient"'s "lookupsids" command >> against the domain itself to get the old SID on 2.2.x, then >> I used "net setlocalsid" to set it on the new 3.0.22 system. >> Or something along those lines. :-) >> >> 5) This might or might not be necessary, but make sure the >> machine accounts have the same SID as before as well. >> > > Hi. > > I did an upgrade a half of year ago. I'm still experiencing some weird > login (ie. authentication) problems, so I started to guess that maybe the > new domain's SID isn't the same as the old domain's was. But well, I guess > I didn't read the instructions carefully, so I didn't check it in right > time. > > Fortunately I still have backups of the old system (of /var and conf). Can > I just check some file for what the old SID was? > > Thanks in advance, > Silver > Hm, I took a look at secrets.tdb found from backup. The first lines are: { key(19) = "SECRETS/SID/MYDOMAIN" data(68) = "\01\04\00\00\00\00\00\05\15\00\00\...\00" } And this differs from the current one (found from secrets.tdb) indeed. So how can I convert the sid found from secrets.tdb ("\01\04\...") to form of "S-1-..."? And would it be a good idea? :) Silver -- View this message in context: http://www.nabble.com/Domain-migration-from-2.2.x-to-3.0.x-tf2091210.html#a12423211 Sent from the Samba - General mailing list archive at Nabble.com. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Domain migration from 2.2.x to 3.0.x
Logan Shaw wrote: > > 4) Make sure the new server has the same SID as the old. > There are lots of ways of doing this, but I believe the > one I used was to run "rpcclient"'s "lookupsids" command > against the domain itself to get the old SID on 2.2.x, then > I used "net setlocalsid" to set it on the new 3.0.22 system. > Or something along those lines. :-) > > 5) This might or might not be necessary, but make sure the > machine accounts have the same SID as before as well. > Hi. I did an upgrade a half of year ago. I'm still experiencing some weird login (ie. authentication) problems, so I started to guess that maybe the new domain's SID isn't the same as the old domain's was. But well, I guess I didn't read the instructions carefully, so I didn't check it in right time. Fortunately I still have backups of the old system (of /var and conf). Can I just check some file for what the old SID was? Thanks in advance, Silver -- View this message in context: http://www.nabble.com/Domain-migration-from-2.2.x-to-3.0.x-tf2091210.html#a12408448 Sent from the Samba - General mailing list archive at Nabble.com. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Domain migration from 2.2.x to 3.0.x
be sure to copy over all of the .tdb files under /var/*/samba Logan Shaw wrote: On Fri, 11 Aug 2006, Rory Vieira wrote: One of my customers is running a pretty old Redhat 8 (Psyche) server with Samba 2.2.something (I think 7). Next week I'm planned to upgrade his Redhat platform to SuSE 9.3 and also update his samba to 3.0.23b. I did almost the exact same thing going from RedHat 7.2 with Samba 2.2 to Slackware 10.2 with Samba 3.0.22, and managed to pull it off with no real problems. My biggest worry is that this customer has about 14 workstations already in the 2.2.x domain. I would like to know WHAT to do so I won't have to re-add all those machines again, as this will take up a lot of my time. From memory, I believe you need to do the following: 1) Copy the machine accounts over, preserving the flags, the LM and NT hashed passwords, etc. They are just smbpasswd entries with special usernames (with "$" in them), so this isn't all that complicated. With only 14 machines, I might just do it by hand. 2) Make sure the new server has the same NetBIOS name as the old. (This might not be necessary. On the other hand, you probably want to do it anyway.) 3) Make sure the new server has the same domain as the old. 4) Make sure the new server has the same SID as the old. There are lots of ways of doing this, but I believe the one I used was to run "rpcclient"'s "lookupsids" command against the domain itself to get the old SID on 2.2.x, then I used "net setlocalsid" to set it on the new 3.0.22 system. Or something along those lines. :-) 5) This might or might not be necessary, but make sure the machine accounts have the same SID as before as well. That list might not be complete. For me, things were easier since I was moving from one machine to another in the process, so I could compare settings on both and make changes incrementally until I was satisfied everything was good. - Logan -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Domain migration from 2.2.x to 3.0.x
On Fri, 11 Aug 2006, Rory Vieira wrote: One of my customers is running a pretty old Redhat 8 (Psyche) server with Samba 2.2.something (I think 7). Next week I'm planned to upgrade his Redhat platform to SuSE 9.3 and also update his samba to 3.0.23b. I did almost the exact same thing going from RedHat 7.2 with Samba 2.2 to Slackware 10.2 with Samba 3.0.22, and managed to pull it off with no real problems. My biggest worry is that this customer has about 14 workstations already in the 2.2.x domain. I would like to know WHAT to do so I won't have to re-add all those machines again, as this will take up a lot of my time. From memory, I believe you need to do the following: 1) Copy the machine accounts over, preserving the flags, the LM and NT hashed passwords, etc. They are just smbpasswd entries with special usernames (with "$" in them), so this isn't all that complicated. With only 14 machines, I might just do it by hand. 2) Make sure the new server has the same NetBIOS name as the old. (This might not be necessary. On the other hand, you probably want to do it anyway.) 3) Make sure the new server has the same domain as the old. 4) Make sure the new server has the same SID as the old. There are lots of ways of doing this, but I believe the one I used was to run "rpcclient"'s "lookupsids" command against the domain itself to get the old SID on 2.2.x, then I used "net setlocalsid" to set it on the new 3.0.22 system. Or something along those lines. :-) 5) This might or might not be necessary, but make sure the machine accounts have the same SID as before as well. That list might not be complete. For me, things were easier since I was moving from one machine to another in the process, so I could compare settings on both and make changes incrementally until I was satisfied everything was good. - Logan -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Domain migration from 2.2.x to 3.0.x
Hi, One of my customers is running a pretty old Redhat 8 (Psyche) server with Samba 2.2.something (I think 7). Next week I'm planned to upgrade his Redhat platform to SuSE 9.3 and also update his samba to 3.0.23b. My biggest worry is that this customer has about 14 workstations already in the 2.2.x domain. I would like to know WHAT to do so I won't have to re-add all those machines again, as this will take up a lot of my time. Eg Upgrading Samba without losing the workstation accounts etc... Thanks in advance (and cheers)... -- Rory Vieira rory dot vieira at gmail dot com -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba