Re: [Samba] How to bulk add machine accounts during PDC hardware refresh?
Greetings Harry- Thank you for your continued assistance! Harry Jede wrote: On Dienstag, 6. Oktober 2009 wrote Michael Lueck: For Samba users (real actual users) there is an entry in passwd and group. I would think I can use adduser to set those up, and edit the uid/gid # to match. If you need to edit uid/gid, do not forget to change the uid/gid in your filesystems. Do it separately for uid and gid. It is more safe. I was thinking to create the new uid/gid entries before I restore files from the backup. Thus since ID's are created, made to look the same as the old server, I would think files/dirs would restore properly, including ownership. No? Do you see any problems with this course of action? Yes. The samba passwords (lm and nt hashes) are stored in a separate file. I am sure you will not change the paswords. But be sure, that you do not loose the logical connection with both storage areas (passwd/shadow and smbpasswd). So what is the proper way to create the machine accounts for the Windows boxes? Shall I simply copy/paste the existing entries in passwd/shaow and smbpasswd and do not concern myself copying the password hash from non-login ID's on the new server (shadow file)? Or... ??? Sincerely, -- Michael Lueck Lueck Data Systems http://www.lueckdatasystems.com/ -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] How to bulk add machine accounts during PDC hardware refresh?
So what is the proper way to create the machine accounts for the Windows boxes? Shall I simply copy/paste the existing entries in passwd/shaow and smbpasswd and do not concern myself copying the password hash from non-login ID's on the new server (shadow file)? I think the biggest question is do you really want to create a new uid/gid for everything instead of just using the information from the old server? Every time I have created a new PDC (in the last decade) I have just mirrored the LDAP and did not mess with new incompatible uids/gids John -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] How to bulk add machine accounts during PDC hardware refresh?
John Drescher wrote: Every time I have created a new PDC (in the last decade) I have just mirrored the LDAP and did not mess with new incompatible uids/gids BUT I DO NOT HAVE LDAP in the configuration. aaakkk!!! Let me guess... Have solutions of how to rebuild PDC's if I had LDAP, but since I don't, then no solutions. I have decided for now to keep the Samba PDC's as simple as possible. /etc/passwd, /etc/group, and the plain text smbpasswd. (sigh...) -- Michael Lueck Lueck Data Systems http://www.lueckdatasystems.com/ -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] How to bulk add machine accounts during PDC hardware refresh?
Greetings- I have not found discussed / documented what to do with machine accounts when moving a Samba PDC to new hardware. I have seen that uid/gid numbers must match between the old/new system. I am thinking to use adduser to accomplish that, then make the numbers on the new server match, using a text editor. After that, can I simply enter the machine account entries by hand with a text editor? TIA! -- Michael Lueck Lueck Data Systems http://www.lueckdatasystems.com/ -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] How to bulk add machine accounts during PDC hardware refresh?
On Mon, Oct 5, 2009 at 12:32 PM, Michael Lueck mlu...@lueckdatasystems.com wrote: Greetings- I have not found discussed / documented what to do with machine accounts when moving a Samba PDC to new hardware. I have seen that uid/gid numbers must match between the old/new system. I am thinking to use adduser to accomplish that, then make the numbers on the new server match, using a text editor. After that, can I simply enter the machine account entries by hand with a text editor? I would not remove the old entries. If you are using ldap replicate the openldap first. If you are using tdbsam copy the /var/lib/samba folder. -- John M. Drescher -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] How to bulk add machine accounts during PDC hardware refresh?
John Drescher wrote: I would not remove the old entries. If you are using ldap replicate the openldap first. If you are using tdbsam copy the /var/lib/samba folder. Sorry, I forgot to mention that no LDAP or anything fancy is involved. So Samba has made entries in /etc/passwd and /etc/group, and that is what I am interested in moving properly. remove the old entries... ??? I am trying to set up an identical PDC on new hardware. I understand that uid/gid numbers must match, so thinking to use adduser to get them added, then edit the files to keep the numbers matching between the old/new PDC. But then, what to do about those entries in those two files that are for workstations? Can I simply copy/paste from the files on the existing PDC the entries for the machine accounts? Thanks, -- Michael Lueck Lueck Data Systems http://www.lueckdatasystems.com/ -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] How to bulk add machine accounts during PDC hardware refresh?
Michael Lueck kirjoitti: John Drescher wrote: I would not remove the old entries. If you are using ldap replicate the openldap first. If you are using tdbsam copy the /var/lib/samba folder. Sorry, I forgot to mention that no LDAP or anything fancy is involved. So Samba has made entries in /etc/passwd and /etc/group, and that is what I am interested in moving properly. just copy and paste entries to /etc/passwd and /etc/group ? -- Eero -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] How to bulk add machine accounts during PDC hardware refresh?
Eero Volotinen wrote: just copy and paste entries to /etc/passwd and /etc/group ? That is what I was thinking to do... just wanted to be sure that such would actually work... that I did not need to actually execute adduser and have it create the entries as it also knows to update some other place that I was not thinking of. Perhaps years of OS/2 and Windows bleeding through... ;-) Thanks, -- Michael Lueck Lueck Data Systems http://www.lueckdatasystems.com/ -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] How to bulk add machine accounts during PDC hardware refresh?
On Mon, Oct 5, 2009 at 2:18 PM, Michael Lueck mlu...@lueckdatasystems.com wrote: Eero Volotinen wrote: just copy and paste entries to /etc/passwd and /etc/group ? That is what I was thinking to do... just wanted to be sure that such would actually work... that I did not need to actually execute adduser and have it create the entries as it also knows to update some other place that I was not thinking of. Also be sure to copy these: /var/lib/samba /var/spool/samba /var/cache/samba Regards, Norberto -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] How to bulk add machine accounts during PDC hardware refresh?
On Mon, Oct 5, 2009 at 2:36 PM, Michael Lueck mlu...@lueckdatasystems.com wrote: Just no one happened to explain how to move machine accounts to the new PDC. machine accounts are user accounts from the *nix point of view ;-) regards, norberto -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] How to bulk add machine accounts during PDC hardware refresh?
On Montag, 5. Oktober 2009 wrote Eero Volotinen: Michael Lueck kirjoitti: John Drescher wrote: I would not remove the old entries. If you are using ldap replicate the openldap first. If you are using tdbsam copy the /var/lib/samba folder. Sorry, I forgot to mention that no LDAP or anything fancy is involved. So Samba has made entries in /etc/passwd and /etc/group, and that is what I am interested in moving properly. just copy and paste entries to /etc/passwd and /etc/group ? Sounds usable, but do not do this. You may get massiv problems :-( . You need passwd AND shadow for the users, but normaly NOT the hole file. The system accounts may be different on your new system, so identify the min and max uidnumber for regular users and copy only these users. Do the same with the shadow file. AND make backups. Same thing with groups. Identify your min and max gidnumber and copy only these groups. Maybe you need to transform some uid/gid-numbers :-) . -- Eero -- Gruss Harry Jede -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] How to bulk add machine accounts during PDC hardware refresh?
Harry Jede wrote: You need passwd AND shadow for the users, but normaly NOT the hole file. The system accounts may be different on your new system, so identify the min and max uidnumber for regular users and copy only these users. Do the same with the shadow file. AND make backups. Same thing with groups. Identify your min and max gidnumber and copy only these groups. Maybe you need to transform some uid/gid-numbers :-) . Thanks for speaking up, Harry! :-) For Samba users (real actual users) there is an entry in passwd and group. I would think I can use adduser to set those up, and edit the uid/gid # to match. For Samba machine users, there seems to be only an entry in passwd, and shadow of course. The password hash appears to be the same hash as other ID's which no one ever logs into. So I would think I would be safe hand editing both passwd and shadow to add the machine accounts, and simply copy/paste the password hash that is appropriate for the new server. Do you see any problems with this course of action? Sincerely, -- Michael Lueck Lueck Data Systems http://www.lueckdatasystems.com/ -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
