(totally new to this gig but...) I think the net getsid command should be net rpc getsid
without the SID NT wont like you (well as far as I can see anyhow) Hope that helps :c)
Matt D.
Peter S. Calvert wrote:
Hi,
I am trying a test of migrating a NT4 Domain to Samba 3 Beta 3 configured to use LDAP on Redhat 8. Is this possible?
Details ------- I previously had Beta 2 on LDAP running as it's own domain controller without problem and could create users (in LDAP) with smbpasswd -a. XP clients could join and login OK.
Now I have flushed that setup and have loaded Beta 3 configured to use LDAP, installed a test NT4 domain controller and tried the NT4 migration steps (Samba (nmbd, smbd) was not running as per instructions).
(1) the LDAP schema changed from Beta2 -> Beta3, this was not mentioned in the release notes. This was relatively simple to fix.
(2) the "net getsid" command: net getsid -S NT4PDC -w DOMNAME -U Administrator%passwd does not exist? Is there an equivalent?
I skipped this step.
(3) "net getlocalsid" returns, none set!. I ran "net setlocalsid" and gave it the SID from "rpcclient NT4PDC -U Administrator%passwd".
(4) net join appeared to work well.
(5) the net rpc vampire command fails: Fetching DOMAIN database SAM_DELTA_DOMAIN_INFO not handled Creating unix group: 'Domain Admins' Creating unix group: 'Domain Users' Creating unix group: 'Domain Guests' Creating account: Administrator Creating account: Guest Creating account: TESTPDC$ Creating account: user1 Creating account: user2 Creating account: admin1 Creating account: admin2 Creating account: CROAK$ Creating account: DEBBIE$ [2003/07/17 19:41:14, 0] utils/net_rpc_samsync.c:fetch_group_mem_info(583) Could not find global group 512 [2003/07/17 19:41:14, 0] utils/net_rpc_samsync.c:fetch_group_mem_info(583) Could not find global group 513 [2003/07/17 19:41:14, 0] utils/net_rpc_samsync.c:fetch_group_mem_info(583) Could not find global group 514 Fetching BUILTIN database [2003/07/17 19:41:14, 0] rpc_client/cli_pipe.c:rpc_api_pipe_req(1026) SCHANNEL ERROR: seq_num must be even in client (seq_num=3) SAM_DELTA_DOMAIN_INFO not handled Creating unix group: 'Account Operators' Creating unix group: 'Administrators' Creating unix group: 'Backup Operators' Creating unix group: 'Guests' Creating unix group: 'Print Operators' Creating unix group: 'Replicator' Creating unix group: 'Server Operators' Creating unix group: 'Users'
Nothing is put in LDAP, /etc/passwd., or /etc/group. I was hoping my LDAP would be populated :-(.
(6) I noticed that pdbedit -Lv did put the sambaDomain entry into LDAP. This is the only change that occurred in LDAP.
(7) The migration instructions mention: Before attempting to migrate user and group accounts it is STRONGLY advised to create in Samba-3 the groups that are present on the MS Windows NT4 domain AND to connect these to suitable Unix/Linux groups
How does one create/connect these Samba-3 groups that work when using samba with LDAP?
BTW I am using IBM's LDAP server 5.1 on Redhat 8
Thanks, Peter
-- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
