So here is the setup now: pam worknig, ldap working, samba working, passwd sync works great both ways (linux accounts > win accouns; win > lin). I'm useing another domain name for the new pdc. Today i tried to migtrate all the accounts from the Win2k PDC and i got into problems. I changed in smb.conf the domain name to the one of the win PDC , joind my samba intro the domain and did a net rpc vampire , text flashed :) , and accounts were imported. Everything seemd to be ok . I changed the domain name to the new one, and restarted samba. I tried to login to the domain from a win 2k workstation previosly joind into the new domain. None of the imported accouts worked. I read some more docs and tried a
scorpius:~# /usr/local/samba/bin/net groupmap modify ntgroup='Domain Users' unixgroup=users net: /build/buildd/openldap2-2.0.23/libraries/liblber/decode.c:500: ber_scanf: Assertion `(( ber )->ber_opts.lbo_valid==0x2)' failed. Aborted If i try the same thind with "Domain Admins" -> root it doesn't work at all and says group not found scorpius:~# /usr/local/samba/bin/net groupmap modify ntgroup='Domain Admins' unixgroup=root [2003/10/08 10:43:38, 0] passdb/pdb_ldap.c:ldapsam_update_group_mapping_entry(1954) ldapsam_update_group_mapping_entry: No group to modify! Could not update group database scorpius:~# /usr/local/samba/bin/net groupmap list Users (S-1-5-32-545) -> users Domain Admins (S-1-5-21-682003330-616249376-1417001333-512) -> Domain Admins Domain Users (S-1-5-21-682003330-616249376-1417001333-513) -> Domain Users Domain Guests (S-1-5-21-682003330-616249376-1417001333-514) -> Domain Guests Administrators (S-1-5-32-544) -> Administrators Guests (S-1-5-32-546) -> Guests Account Operators (S-1-5-32-548) -> Account Operators Server Operators (S-1-5-32-549) -> Server Operators Print Operators (S-1-5-32-550) -> Print Operators Backup Operators (S-1-5-32-551) -> Backup Operators Replicator (S-1-5-32-552) -> Replicator Domain Computers (S-1-5-21-682003330-616249376-1417001333-515) -> Domain Computers So any ideeas, i think i can't use the accounts beacuse of the different sid I can't add by hand old accounts , beacause i have around 2000 users, so it is a must to migrate. Thanks -- Permission to live...DENIED! -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
