Hi,
Can someone help me get "net rpc vampire" in one of its forms working. The objective is to migrate from an NT4 PDC to a SAMBA 3.0 PDC using LDAP as a back end. I am trying to migrate the user and machine accounts across in a lab environment, separate from the main network (I have replicated the PDC to do this). I have samba-3.0.20b built from the samba team source RPM on Fedora Core 3, and I'm trying to follow the steps here: http://us3.samba.org/samba/docs/man/Samba-HOWTO-Collection/NT4Migration.html also here: http://samba.idealx.org/smbldap-howto.en.html (section 11.1) I have seen the problems listed here: http://lists.samba.org/archive/samba/2004-June/088448.html http://lists.samba.org/archive/samba/2004-July/089147.html and I'm getting the same thing happening to me. I have also tried using "net rpc vampire ldif" with similar results: I started by creating a samba server and setting it up as a BDC: [global] workgroup = MYDOMAIN netbios name = MYSAMBASERVER server string = Samba Server security = domain encrypt passwords = Yes password server = MYPDC log file = /var/log/samba/%m.log max log size = 0 name resolve order = host wins bcast socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 local master = No domain master = False dns proxy = No wins server = 192.168.1.1 winbind uid = 10000-20000 winbind gid = 10000-20000 winbind separator = + create mask = 0777 directory mask = 0777 hosts allow = 192.168. 127. printing = lprng oplocks = No follow symlinks = No idmap uid = 16777216-33554431 idmap gid = 16777216-33554431 template shell = /bin/false winbind use default domain = no Then I added the following parts to smb.conf to give it the LDAP information: ldap suffix = dc=debortoli,dc=local ldap user suffix = ou=People ldap machine suffix = ou=Computers ldap group suffix = ou=Groups Join the domain: net rpc join -U Administrator%PASSWORD service smb start I can verify the domain is joined by using: net rpc testjoin Also, I can see all of the accounts using winbind: service winbind start getent passwd However from this point on nothing in "net rpc vampire" works. net rpc vampire ldif ./vampire.ldif fails with: Could not retrieve domain trust secret net rpc vampire ldif ./vampire.ldif -S MYPDC -U Administrator%PASSWORD fails with: Cannot import users from DBW at this time, as the current domain: FC3-DBW-3: S-1-5-21-92691229-39247329-4222772032 conflicts with the remote domain DBW: S-1-5-21-423981254-716712060-315576832 This is a suggested fix: * http://lists.samba.org/archive/samba/2004-July/089148.html but it fails like this: # net setlocalsid S-1-5-21-423981254-716712060-315576832 # net rpc vampire ldif Cannot import users from FC3-DBW-3 at this time, as the current domain: FC3-DBW-3: S-1-5-21-423981254-716712060-315576832 conflicts with the remote domain FC3-DBW-3: S-1-5-21-92691229-39247329-4222772032 Alternatively, running this: net rpc vampire ldif ./vampire.ldif -S MYPDC -U Administrator%PASSWORD ... results in an empty ./vampire.ldif file, and two files /tmp/add.ldif and /tmp/mod.ldif. /tmp/mod.ldif is empty and /tmp/add.ldif contains the base LDAP structure but no users other than "root" and "nobody". I have tried the http://samba.idealx.org/smbldap-howto.en.html method (making samba a PDC, stopping the other PDC, restarting samba, etc) but that fails as well with just about the same error messages as above. Is there any way of getting this net rpc vampire tool to work? Has anyone had any success with it? What entries do I need in smb.conf etc to get things working? -- Del -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
