John Goubeaux wrote: > Folks, > > I have a new build of samba 3.3.0 ( stand alone file server ) which is > configured to find all user data in an ldap directory, eg passdb backend > = ldapsam. After testing I have confirmed that it all seems to work as > it should with a test set of users. > > Now I need to figure out the best way to migrate the shares and users > from the old system ( that used /etc/passwd to store user auth info) to > this new one. The users already have Directory entries in the ldap which > is used for a variety of existing services . Meaning, all I want to do > is populate their existing entries with the proper attributes and > re-mout the shares on the new server and NOT have to have them re-enter > a new passwd, but use the existing Directory passwd that is already in > their entry. > > So far the only way I can see to get their existing directory entry to > work is to run pdbedit -a <userid> which prompts for the users > passwd and which then populates their directory entry with all the > samba attributes such as the sambasid and sambantpasswd which have > unique values. > > My question is then: Is there another way to get their directory entry > populated with these values without having to re-enter their passwd ( eg > have the user retype their passwd) at the pdbedit prompt ? Also, it > seems that down the road if a user changes their directory passwd this > process will have to be repeated to re-sync the unique samba values. > > Am I missing something with regard to the samba attribute values and > their relationship with existing uid and userpassword values in a > directory ? > > Any advice on options is appreciated.. > > -john
John, You can migrate all your /etc/passwd, /etc/shadow, /etc/group entries to LDAP using the PADL Migration Tools. See: http://www.padl.com/OSS/MigrationTools.html After the UNIX system accounts have been migrated to LDAP, just execute: pdbedit -i smbpasswd -e ldapsam pdbedit -i smbpasswd -e ldapsam -g The first migrates user SambaSAM account info, the second your group configuration. PS: If your samba account info is in tdb files (ie: tdbsam) then execute: pdbedit -i tdbsam -e ldapsam pdbedit -i tdbsam -e ldapsam -g - John T. -- John H Terpstra "If at first you don't succeed, don't go sky-diving!" -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
