Paste ldap admin dn or ldap suffix in your smb.conf Dne 26.3.2010 15:24, Vladimir Psenicka napsal(a): > try this: > > ldapsearch -x -h localhost -D "cn=Manager,dc=WORKGROUP,dc=it" -W -b > "sambaDomainName=WORKGROUP,dc=WORKGROUP,dc=it" > > Dne 26.3.2010 15:00, GG napsal(a): >> Hello! >> >> I'm stuck on getdomainsid: Net command is missing even though libs and >> smbclient are installed. >> >> I tried this: >> # ldapsearch -x -h localhost -D "cn=Manager,dc=domain,dc=it" -W -b >> "sambaDomainName=WORKGROUP,dc=domain,dc=it" >> Enter LDAP Password: >> # extended LDIF >> # >> # LDAPv3 >> # base <sambaDomainName=WORKGROUP,dc=domain,dc=it> with scope sub >> # filter: (objectclass=*) >> # requesting: ALL >> # >> >> # search result >> search: 2 >> result: 34 Invalid DN syntax >> text: invalid DN >> >> # numResponses: 1 >> >> So: I'm not sure what is sambaDomainName=domain,dc=domain,dc=it... >> I used WORKGROUP as it is the domain we use on pcs and the only one >> defined in smb.conf >> >> I also tried using my pdc HOSTNAME >> >> and this was returned >> # LDAPv3 >> # base <sambaDomainName=hostname,dc=domain,dc=it> with scope sub >> # filter: (objectclass=*) >> # requesting: ALL >> # >> >> # search result >> search: 2 >> result: 34 Invalid DN syntax >> text: invalid DN >> >> # numResponses: 1 >> >> Any way to get through this or how to use net command? Maybe updating >> samba-client? >> >> I tried rpm -i samba-client but it says >> file /usr/share/man/man1/smbclient.1.gz from install of >> samba-client-2.2.12-1.suse82 conflicts with file from package >> samba-client-2.2.7a-72 when trying to rpm -i samba-client-2.2.12-1.rpm >> >> I found also the original package but it says it is already installed. >> >> What happens if I remove samba-client and reinstall it soon after on >> the production pdc? >> >> >> Giorgio >> >> On 3/26/10, Vladimir Psenicka <[email protected]> wrote: >>> Dne 26.3.2010 13:50, GG napsal(a): >>>> Hello! >>>> >>>>>> Have you samba-client package installed? >>>>>> >>>> >>>> yes I do at least smbclient is there! but no net command :-/ >>>> >>>>>> pavouk\pseni...@psenicka:~> rpm -qf `which net` >>>>>> samba-client-3.5.1-4.1.x86_64 >>>> >>>> So here are the issues encountered... >>>> file /usr/share/man/man1/smbclient.1.gz from install of >>>> samba-client-2.2.12-1.suse82 conflicts with file from package >>>> samba-client-2.2.7a-72 when trying to rpm -i samba-client-2.2.12-1.rpm >>>> I found on net... >>>> >>>>>> >>>>>> or you can dig domainsid from ldap >>>> >>>> This sounds interesting! How do I do that? >>>> >>> >>> modify to your needs (domain): >>> >>> ldapsearch -x -h ldap -D "cn=admin,dc=domain,dc=cz" -W -b >>> "sambaDomainName=domain,dc=domain,dc=cz" >>> >>> sambaSID: is your domainsid >>> >>> or you can use phpldapadmin to manage you ldap from browser >>> >>>> Thanks very much! >>>> Giorgio >>>> >>>> On 3/26/10, GG <[email protected]> wrote: >>>>> Hi! >>>>> >>>>> I'll be at it in a few minutes installing samba client / net command :-) >>>>> >>>>> I have a question about the samba sernet repos: >>>>> Shall I apt-get remove samba and use >>>>> http://enterprisesamba.com/index.php?id=148 + >>>>> http://enterprisesamba.com/index.php?id=56 >>>>> instead from start? >>>>> >>>>> What is the real advantage of sernet? What about installing official >>>>> samba.org packages, are there differences with sernet (stability?) or >>>>> is it just a more liberal repository? >>>>> >>>>> Also I read >>>>>>>> Ensure that all local user and group accounts that are used by samba >>>>>>>> have the same uid/gid. >>>>> >>>>> Shall I copy /etc/shadow and /etc/passwd over? other files for groups >>>>> and users? >>>>> >>>>> I use rsync --verbose --progress --stats --compress --rsh=ssh \ >>>>> --recursive --times --perms --links \ >>>>> --owner --group --devices --specials \ >>>>> --exclude-from '/root/exclude.txt (if any, not in this case as >>>>> I'm only syncing data dir)' \ >>>>> r...@old_pdc:/DATA /DATA >>>>> >>>>> This should bring over every attribute set on files... correct? >>>>> >>>>> [[[did only partially in one case: I set up a twin install (fresh >>>>> install then live cd and full rsync and after that I kept mbr, but >>>>> changed /boot and the /ect/fstab settings) and the server started >>>>> etc.. LDAP did not work though: authentication was not available... >>>>> So I must be missing something or this rsync parameter set must be >>>>> missing something.. I had disconnected old PDC, set same IP and >>>>> hostname to the VM well this worked well for other virtualizations and >>>>> in this PDC I need to upgrade to win7 compatible samba version anyway >>>>> :-) >>>>> This was another story but just to share it as it is an excellent way >>>>> of migrating sometimes specially for machines you do not master and >>>>> this is my case very often.]]] >>>>> >>>>> Cheers, >>>>> Giorgio >>>>> >>>>> On Fri, Mar 26, 2010 at 9:14 AM, Vladimir Psenicka >>>>> <[email protected]> wrote: >>>>>> Hi >>>>>> >>>>>> Dne 25.3.2010 17:41, GG napsal(a): >>>>>>> Hello Vladimir, John and all the NG :-) >>>>>>> Thanks so much for answering. I really hoped someone would :-) >>>>>>> >>>>>>> So I installed Debian latest stable netinst on the future production >>>>>>> server and here are my issues in the quotes :-( no net command on my >>>>>>> suse 8.2 >>>>>>> >>>>>>> Cheers :-) >>>>>>> Giorgio >>>>>>> >>>>>>> >>>>>>>> On Thu, Mar 25, 2010 at 14:00, John H Terpstra <*[email protected]> wrote: >>>>>>>>> On 03/25/2010 03:33 AM, Vladimir Psenicka wrote: >>>>>>>>> What about Debian Stable with Sernet samba repo, where you can choose >>>>>>>>> Samba 3.4.x or 3.5.x >>>>>>>>> >>>>>>>>> My hints on migrating to new server: >>>>>>>>> >>>>>>>>> 1. install new server (Samba,ldap etc.) >>>>>>> >>>>>>> done :-) Debian Stable netinst >>>>>>> >>>>>>>>> 2. set same hostname on new server >>>>>>> My ignorance comes out :-) >>>>>>> Must I set it different from the production server as FW points >>>>>>> production.domain.com - I have clients using DNS=oldPDC and PDC >>>>>>> forwards queries to FW. FW has pdc.domain.com defined to point to lan >>>>>>> ip. >>>>>>> >>>>>> >>>>>> Ok, can be changed later >>>>>> >>>>>>>>> 3. export ldap data from old server and import them to new server >>>>>>> >>>>>>> slapcat -f /etc/openldap/ldap.conf -l /ldap.ldif >>>>>>> OK >>>>>>> >>>>>>>> Ensure that all local user and group accounts that are used by samba >>>>>>>> have the same uid/gid. >>>>>>> my ignorance again... another hint? >>>>>>>> >>>>>>>>> 4. export SID (net getlocalsid) and set it on new server (net >>>>>>>>> setlocalsid oldsid) >>>>>>>> >>>>>>>> Note: >>>>>>>> net getdomainsid (on old server) >>>>>>>> net setdomainsid (on new server) >>>>>>> thanks :-) >>>>>>> >>>>>>> # net getdomainsid >>>>>>> -bash: net: command not found :-( and not found in yast >>>>>>> >>>>>>> I understand it has to do with extracting the sid from >>>>>>> /etc/samba/secrets.tdb but how do I install the command? suse 8.2 yast >>>>>>> has now net package and googling net is.. well wow! >>>>>>> >>>>>> >>>>>> Have you samba-client package installed? >>>>>> >>>>>> pavouk\pseni...@psenicka:~> rpm -qf `which net` >>>>>> samba-client-3.5.1-4.1.x86_64 >>>>>> >>>>>> or you can dig domainsid from ldap >>>>>> >>>>>>>>> 5. configure samba on new server as PDC with ldap and shares in >>>>>>>>> smb.conf >>>>>>>>> from old samba smb.conf (check with testparm) >>>>>>> >>>>>>> I see it only contains shares so I bet smb.conf would just keep all >>>>>>> the old settings rigth? /DATA will be rsynced >>>>>>> >>>>>> >>>>>> Maybe smb.conf from Samba2 is too different from Samba 3. I will keep >>>>>> current smb.conf on new server and add only shares from old smb.conf to >>>>>> new smb.conf. >>>>>> >>>>>>>>> 6. stop samba on old server >>>>>>>>> 7. copy all data (with perms) and netlogon share to new server >>>>>>>>> 8. stop old server >>>>>>>>> 9. start samba on new server a check everything is working fine >>>>>>>>> (domain >>>>>>>>> logon from windows box, shares and perms) >>>>>>>>> >>>>>>>>> This can be done best when no users are logged in samba (maybe at >>>>>>>>> weekend?) >>>>>>>>> >>>>>>>>> P.S. We have ubuntu 8.04 as PDC and Windows 7 can't join to domain >>>>>>> >>>>>>> thanks I move to Debian with ease :-) ubuntu is a great deb derived >>>>>>> right? >>>>>>> >>>>>> Ubuntu 8.04 LTS is now older than Debian Stable. When Ubuntu 10.04 LTS >>>>>> comes out this will be no longer truth. >>>>>> >>>>>>>> Check http://wiki.samba.org for info regarding Windows 7. >>>>>>>> >>>>>>>> Cheers, >>>>>>>> John T. >>>>>>>> >>>>>>>>> Dne 25.3.2010 01:05, GG napsal(a): >>>>>>>>>> Hello Vladimir and hi all, >>>>>>>>>> >>>>>>>>>> Thanks very much for replying! >>>>>>>>>> >>>>>>>>>> Any suggested os? I'd go for debian or what advised, I just happen to >>>>>>>>>> know ubuntu more... >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> Any strategy or hint on migrating from ancient ldap + samba to a new >>>>>>>>>> server? >>>>>>>>>> Already tried rsyncing (using all options to keep perms and >>>>>>>>>> attributes >>>>>>>>>> grp own mod etc) on a twin v-machine but server starts and the ldap >>>>>>>>>> auth fails to work :-( >>>>>>>>>> >>>>>>>>>> I'm a bit stuck at the moment :-( and I have posponed the problem for >>>>>>>>>> too long grrr >>>>>>>>>> >>>>>>>>>> Giorgio >>>>>>>>>> >>>>>>>>>> On Wed, Mar 24, 2010 at 9:20 AM, Vladimir Psenicka >>>>>>>>>> <[email protected]> wrote: >>>>>>>>>>> Dne 23.3.2010 15:48, Giorgio napsal(a): >>>>>>>>>>>> Hello, >>>>>>>>>>>> Hopefully I'm in the right place asking for help :-) >>>>>>>>>>>> >>>>>>>>>>>> I need to move from an old physical Suse 8.2 - samba 2.2.7 + ldap >>>>>>>>>>>> - to >>>>>>>>>>>> latest samba versions, I would like to use an ubuntu 8.04 virtual >>>>>>>>>>>> machine. >>>>>>>>>>>> >>>>>>>>>>>> The domain is in production on the physical server, to be >>>>>>>>>>>> dismissed after >>>>>>>>>>>> migration. It is also the file server!!! so /DATA/ has all shared >>>>>>>>>>>> and >>>>>>>>>>>> permission driven file access.. >>>>>>>>>>>> >>>>>>>>>>>> I was following >>>>>>>>>>>> https://help.ubuntu.com/8.10/serverguide/C/samba-dc.html but >>>>>>>>>>>> I realize I am in a different scenario... >>>>>>>>>>>> >>>>>>>>>>>> Production so no errors are admitted :-(, migration to new os and >>>>>>>>>>>> versions.. >>>>>>>>>>>> all at once? >>>>>>>>>>>> >>>>>>>>>>>> I have a dump of the physical server (dd sda mbr and single >>>>>>>>>>>> partitions :) >>>>>>>>>>>> plus an rsync with all permissions daily backup, just to be safe ;) >>>>>>>>>>>> >>>>>>>>>>>> >>>>>>>>>>>> What would you guru's suggest as a strategy? >>>>>>>>>>>> >>>>>>>>>>>> Can I create a new server and add it as secondary domain >>>>>>>>>>>> controller and then >>>>>>>>>>>> once the replica is up? I'd feel quite comfortable with this >>>>>>>>>>>> method. >>>>>>>>>>>> >>>>>>>>>>>> BTW I need a new version of samba as they have already bought >>>>>>>>>>>> Windows 7 >>>>>>>>>>>> boxes (without asking if they were supported arrgh). >>>>>>>>>>>> >>>>>>>>>>>> Thanks to all of you who read or answered :-) >>>>>>>>>>>> >>>>>>>>>>>> Gio >>>>>>>>>>> >>>>>>>>>>> Hi. >>>>>>>>>>> >>>>>>>>>>> Ubuntu 8.10 is bad idea if you will be connecting Windows 7 into >>>>>>>>>>> domain, >>>>>>>>>>> because of old Samba version. Samba 3.4.x or 3.5.x is recommended >>>>>>>>>>> for >>>>>>>>>>> Win7. Wait for Ubuntu 10.04 LTS (next month) if you want Ubuntu. >>>>>>>>>>> >>>>>>>>>>> -- >>>>>>>>>>> Vladimir Psenicka >>>>>>>>>>> -- >>>>>>>>>>> To unsubscribe from this list go to the following URL and read the >>>>>>>>>>> instructions: https://lists.samba.org/mailman/options/samba >>>>>>>>>>> >>>>>>>>> >>>>>>>>> >>>>>>>> >>>>>>>> -- >>>>>>>> To unsubscribe from this list go to the following URL and read the >>>>>>>> instructions: https://lists.samba.org/mailman/options/samba >>>>>> >>>>>> >>>>>> -- >>>>>> Vladimir Psenicka >>>>>> IT system engineer >>>>>> PRODECO, a.s. >>>>>> Tel.: 417 633 762 >>>>>> -- >>>>>> To unsubscribe from this list go to the following URL and read the >>>>>> instructions: https://lists.samba.org/mailman/options/samba >>>>>> >>>>> >>> >>> >>> -- >>> Vladimir Psenicka >>> IT system engineer >>> PRODECO, a.s. >>> Tel.: 417 633 762 >>> -- >>> To unsubscribe from this list go to the following URL and read the >>> instructions: https://lists.samba.org/mailman/options/samba >>> > >
-- Vladimir Psenicka IT system engineer PRODECO, a.s. Tel.: 417 633 762 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
