Hi.

I'm having a helluva time trying to replace my Samba PDC machine with new hardware, and I'd really appreciate some pointers about how I should be doing it. I'm sorry, I wrote a lot of detail in this email - trying to mention everything that might be relevant.

Here's the detail:

I've a perfectly functional PDC running on older hardware under RedHat 9 and Samba 3.0.2. When I set it up, I was creating a Windows domain for the first time, so I had no data to migrate. It was really easy to set up once I'd read about all the options I needed in the smb.conf file. (I've posted the smb.conf files at the end.)

I now want to replace this machine with a completely new box. So I've got the new hardware and installed FC4 on there, including Samba version 3.0.14. I've migrated with no problems the NIS, DNS, CUPS and so on and they are all working just fine off the new machine. The old PDC is now ypbound to the new machine for Unix users, and it's still working just fine in Samba.

I want to migrate the SMB from the old to the new box. I tried simply copying all the Samba config files and /var/samba/* from the PDC to the same places on the new box, then stopping smb on the old box and starting it on the new one. This resulted in none of the Windows machines being able to see any domain controller at all, so I nuked all that and started again. I uninstalled all Samba from the new machine, then searched the hard disk and removed all the Samba directories to ensure a completely clean start, then I installed Samba from scratch.

I tried setting up the new server as a BDC, and joining the domain (using 'net join'). I copied and edited the smb.conf file from the working server, then copied over passdb.tdb and smbusers. I then used 'net rpc getsid' to set the SID of the BDC and started smb. The new machine thought that it was working fine as a BDC, but none of the Windows machines connected to it. I then stopped the PDC service, and again none of the Windows boxes could see any kind of domain controller (even after rebooting them).

Finally, I edited the smb.conf on the new server to tell it to be a PDC, in an attempt to promote it. After rebooting, the workstations could see it as a domain controller. However, they will only let me log in to the domain as user "root" (which I'd added to the original server early on to make things work). It doesn't allow anyone else to log in with the 'helpful' message "Windows could not log you on". Obviously it's sort of working, because the machines seem to be able to connect and see the domain, and if I log in as root and then, say, go to add a domain user to the Administrators group, it works fine and I can view a full list of domain users as I would expect.

So how do I get this thing to work? I'm not using LDAP as the backend, and although I can see the advantages I don't right now want to try and set all that up. How do I migrate all the user and machine information from the old PDC to the new one, using tdbsam as the backend? Should I export the contents of tdbsam to smbpasswd and then back again on the new machine? In which case, how do I do this?

Any help appreciated.

Paul.
---
Here are my smb.conf files. (I've not posted some of the bits which I'm pretty sure aren't relevant like logging options and comments).

Here's the config from the working PDC:

<snip>
[global]
  netbios name = antonia
  workgroup = vilnt
  server string = vilnt PDC (antonia)
  passdb backend = tdbsam
  security = user
  add machine script = /usr/sbin/useradd -g 100 -d /dev/null -s /bin/false -M %u
  encrypt passwords = yes
  smb passwd file = /etc/samba/smbpasswd
  unix password sync = Yes
  socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
  local master = yes
  os level = 50
  domain master = yes
  preferred master = yes
  domain logons = yes
  logon script = %U.bat
  logon path = \\picard\%U\.ntprofile
  logon drive = H:
  logon home = \\picard\%U
  wins support = yes
  dns proxy = yes
#============================ Share Definitions ==============================
[netlogon]
  comment = Network Logon Service
  path = /netlogon
  guest ok = yes
  writable = no
  share modes = no
</snip>

And here is the config from the new server:
<snip>
[global]
  netbios name = charlotte
  workgroup = vilnt
  server string = vilnt new PDC (charlotte)
  passdb backend = tdbsam
  security = user
  add machine script = /usr/sbin/useradd -g 100 -d /dev/null -s /bin/false -M %u
  encrypt passwords = yes
  smb passwd file = /etc/samba/smbpasswd
  unix password sync = Yes
  socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
  local master = yes
  os level = 50
  domain master = yes
  preferred master = yes
  domain logons = yes
  logon script = %U.bat
  logon path = \\picard\%U\.ntprofile
  logon drive = H:
  logon home = \\picard\%U
  wins support = yes
  dns proxy = yes
#============================ Share Definitions ==============================
[netlogon]
  comment = Network Logon Service
  path = /netlogon
  guest ok = yes
  writable = no
  share modes = no
</snip>