John Goubeaux wrote: >> >> John, >> >> You can migrate all your /etc/passwd, /etc/shadow, /etc/group entries to >> LDAP using the PADL Migration Tools. See: >> http://www.padl.com/OSS/MigrationTools.html >> >> After the UNIX system accounts have been migrated to LDAP, just execute: >> pdbedit -i smbpasswd -e ldapsam >> pdbedit -i smbpasswd -e ldapsam -g >> >> The first migrates user SambaSAM account info, the second your group >> configuration. >> >> PS: If your samba account info is in tdb files (ie: tdbsam) then execute: >> pdbedit -i tdbsam -e ldapsam >> pdbedit -i tdbsam -e ldapsam -g >> >> - John T. >> -- >> John H Terpstra >> >> "If at first you don't succeed, don't go sky-diving!" > > > > Thanks John, > > What if the user's passwd in /etc/shadow is not the same as in their > existing directory entry ?
Well, then you will have some resolution work ahead of you! > Meaning, user <bob> has an /etc/passwd entry ( crypt) for the old > samba server but ALSO has a directory entry uid=bob, but with a passwd > (SSSH ) that is different ? So you set up a new LDAP directory and now you have a problem? You could dump your current directory, then migrate the existing /etc/passwd and /etc/shadow info into your LDAP directory, then dump that LDAP directory contents, then perform a merge of the two directory dumps and then reload. slapcat and slapadd are you friend - check the man pages. > I do not see a way to populate their directory entry AND sync up their > entry without running pdbedit -a bob and entering their Directory > passwd in clear txt as am prompted. Why? Why? The use of pbdedit -i source -e ldapsam, where source is either 'smbpasswd' or 'tdbsam' - is your friend also. This will import all the SambaSAM info (including Windows passwords) into the LDAP directory. What part of this does not compute? > Meaning I am trying to avoid having all the users have to re-enter a > passwd but maybe this is not possible ? Sorry, I must have missed something here - the advice I gave was exactly intent on avoiding the need for users to reenter their passwords. Please read the man page for pdbedit and take note of the command line parameters I pointed out to you. Cheers, John T. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
