http://wiki.samba.org/index.php/Samba4/samba-tool/domain/classicupgrade/HOWTO<https://wiki.samba.org/index.php/Samba4/samba-tool/domain/classicupgrade/HOWTO> should help.
Ricky On Tue, Apr 2, 2013 at 12:06 AM, Gémes Géza <g...@kzsdabas.hu> wrote: > 2013-04-02 05:35 keltezéssel, simon+sa...@matthews.eu írta: > > >> >> On Mon, 1 Apr 2013, simon+sa...@matthews.eu wrote: >> >> >>> On Tue, 2 Apr 2013, Andrew Bartlett wrote: >>> >>> On Mon, 2013-04-01 at 09:26 +0200, Gémes Géza wrote: >>>> > 2013-04-01 02:36 keltezéssel, simon+sa...@matthews.eu írta: >>>> > > Since I don't seem to be having any luck with the classicupgrade, >>>> I > > decided to try starting from scratch and then adding users. >>>> > > > > I ran the command: >>>> > > /usr/local/samba/bin/samba-**tool domain provision --realm=<my >>>> realm> \ > > --domain=<mydomain> --adminpass 'mypass' --server-role=dc \ >>>> > > --dns-backend=BIND9_DLZ >>>> > > > > Then I tried both adding and changing users. In neither case >>>> can I > > change the SID with pdbedit. It seems to be added with a > > >>>> system-defined SID, irrespective of what I specify. pdbedit -v is > > >>>> able to list the user's parameters, including the SID. >>>> > > > > Any suggestions? I am pretty much stuck here trying to figure >>>> out how > > to migrate from an existing SAMBA3 domain to SAMBA4. >>>> > > > > > Hi, >>>> > > Trying to add users one by one (preserving SID) is IMHO a lot >>>> harder > (you would probably need to ldbmodify the user record of each >>>> one) to > do, than fixing your samba3 install to have it classicupgraded. >>>> >>>> Indeed. The only way to safely import a list of users who already >>>> have >>>> SIDs is to migrate them to Samba 4.0's AD DC using one of the >>>> supported >>>> migration tools. >>>> >>>> These are 'samba-tool domain join dc' and 'samba-tool domain >>>> classicupgrade'. >>>> >>> >>> Perhaps I need to address why the "classicupgrade" did not work. I see >>> now that I did not pass the --dbdir option when running it before. I'll try >>> again. >>> >>> >> I went back to trying to get the classicupgrade to work: >> /usr/local/samba/bin/samba-**tool domain classicupgrade \ >> --dbdir=/var/lib/samba/ --dbdir=/var/lib/samba/ --realm=a.b \ >> /etc/samba/smb.conf --use-xattrs=yes >> >> For the realm, I used a subdomain of one of the two existing dns domains >> in the LAN. It appears to be processing the information from the old domain >> tdb files, although I see some errors: >> Cannot open idmap database, Ignoring: [Errno 2] No such file or directory >> Importing groups >> Could not add group name=Remote Desktop Users ((68, "samldb: Account name >> (sAMAccountName) 'Remote Desktop Users' already in use!")) >> Could not modify AD idmap entry for >> sid=S-1-5-21-4254857281-**3346836279-4152649156-555, >> id=5077, type=ID_TYPE_GID ((32, "Base-DN >> '<SID=S-1-5-21-4254857281-**3346836279-4152649156-555>' >> not found")) >> Could not add posix attrs for AD entry for >> sid=S-1-5-21-4254857281-**3346836279-4152649156-555, >> ((32, "Base-DN '<SID=S-1-5-21-4254857281-**3346836279-4152649156-555>' >> not found")) >> Group already exists sid=S-1-5-21-4254857281-**3346836279-4152649156-512, >> groupname=Domain Admins existing_groupname=Domain Admins, Ignoring. >> >> However, after this, all I get from pdbedit -L is: >> # pdbedit -L >> RAIDSERVER$:4294967295: >> Administrator:4294967295: >> [root@samba ~]# pdbedit -L >> RAIDSERVER$:4294967295: >> Administrator:4294967295: >> krbtgt:4294967295:--dbdir=/**var/lib/samba/ --realm=a.b >> /etc/samba/smb.confnobody:99:**Nobody >> >> Any ideas? What information might help debug this? >> >> Simon >> >> >> Could this happen because pdbedit is from the samba3 install? > > I recommend doing upgrade on a new box/virtual machine where no samba3 is > installed, and copying the tdb files to the new box. > > Regards > > Geza Gemes > > -- > To unsubscribe from this list go to the following URL and read the > instructions: > https://lists.samba.org/**mailman/options/samba<https://lists.samba.org/mailman/options/samba> > -- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba