I tried "net lookup dc" and samba PDC did not show.
The NT machine we have has been shut down and not functional
anymore. Right now, we only have one linux box with gentoo running samba
and we want it to be the PDC.
Thanks,
-Ivan
X-Original-To: [EMAIL PROTECTED]
Delivered-To: [EMAIL PROTECTED]
Subject: Re: [Samba] Migrate NT domain 4 to samba
To: Ivan Ordonez <[EMAIL PROTECTED]>
X-Mailer: Lotus Notes Release 6.0.2CF1 June 9, 2003
From: Donald W Watson <[EMAIL PROTECTED]>
Date: Thu, 23 Mar 2006 15:50:43 -0800
X-MIMETrack: Serialize by Router on D03NM124/03/M/IBM(Release 6.53HF752 |
November 15, 2005) at
03/23/2006 16:50:48
X-Virus-Scanned: amavisd-new at nature.berkeley.edu
Ivan,
The smb.conf looks fine, nearly identical to mine except I don't have the
entry for "netbios name". If "rock" is the name of your samba server this
shouldn't make difference.
As an experiment, have you tried to see if the PDC is visible from another
Unix box by using either "net lookup dc" or "nmblookup" (nmbd must be
running)? This will help isolate the problem to either the samba PDC
itself or something configured on the NT machine.
Sincerely, Don Watson
Linux Technology and Solutions; Beaverton, OR
503-578-4861/TL: 775-4861; [EMAIL PROTECTED]
Inactive hide details for Ivan Ordonez <[EMAIL PROTECTED]
Ivan Ordonez <[EMAIL PROTECTED]>
Ivan Ordonez <[EMAIL PROTECTED]>
03/23/2006 03:34 PM
[]
To
Donald W Watson/Beaverton/[EMAIL PROTECTED]
[]
cc
[email protected]
[]
Subject
Re: [Samba] Migrate NT domain 4 to samba
Hi,
We were finally able to run "net rpc vampire" command. We created a brand
new smb.conf and add some user scripts.
We shut down our NT machine and make samba the PDC. I have created the
machine name in samba and created a samba root account as well. When I try
to join one machine, PDC is not found. Somehow, the samba PDC does not
know that he is supposed to be a domain controller now that the NT is down.
Anything I need to check or change on my smb.conf?
workgroup = mydomain
netbios name = rock
server string = Samba Server %v
interfaces = eth0
map to guest = Bad User
log file = /var/log/samba/log.%m
max log size = 50
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
printcap name = cups
dns proxy = No
os level = 65
passdb expand explicit = no
passdb backend=tdbsam
security = user
local master = yes
domain master = yes
preferred master = yes
domain logons = yes
password server = pc1
encrypt passwords = yes
# Scripts for file (passwd, smbpasswd) backend:
add user script = /usr/sbin/useradd -s /bin/false '%u'
#delete user script = /usr/sbin/userdel '%s'
add user to group script = /usr/bin/gpasswd -a '%u' '%g'
#delete user from group script = /usr/bin/gpasswd -d '%u' '%g'
set primary group script = /usr/sbin/usermod -g '%g' '%u'
add group script = /usr/sbin/groupadd %g && getent group '%g'|awk -F:
'{print $3}'
#delete group script = /usr/sbin/groupdel '%g'
add machine script = /usr/sbin/useradd -d /dev/null -g machines -c
'Machine Account' -s /bin/false -M '%u'
Thanks,
-Ivan
At 07:34 AM 3/23/2006, Donald W Watson wrote:
Ivan,
I noticed when I did this with the old documentation I had to be very
careful reading the chapter and discovering all the necessary
instructions. I also noticed that the old documentation states that with
ldapsam you should not start samba until after the "net rpc vampire" call,
but with tdbsam it states you should start samba before the "net rpc
vampire" call.
In the new documentation it looks much simpler (
http://us1.samba.org/samba/docs/Samba-HOWTO-Collection.pdf), chapter 35:
In smb.conf, domain master = no (you already have this). In smb.conf,
passdbbackend = tdbsam (you already have this). Samba must not be running.
net rpc join -S <NT4 PDC ipaddr> -U Administrator%<Administrator password>
net rpc vampire -S <NT4 PDC ipaddr> -U Administrator%<Administrator password>
pdbedit -L should now show all the new users.
Maybe this will help.
Sincerely, Don Watson Linux Technology and Solutions; Beaverton, OR
503-578-4861/TL: 775-4861; [EMAIL PROTECTED]
Inactive hide details for Ivan Ordonez <[EMAIL PROTECTED]
Ivan Ordonez <[EMAIL PROTECTED]>
Ivan Ordonez <[EMAIL PROTECTED]> Sent by:
[EMAIL PROTECTED] 03/22/2006 11:54 AM
[]
To
[email protected]
[]
cc
[]
Subject
[Samba] Migrate NT domain 4 to samba I have been following the Chapter 9
on Samba -3 by example book on "How to Migrate NT 4 domain to samba 3" and
not having any luck at all. Somehow the vampire command will not work and
give me an error:
Fetching DOMAIN database Failed to fetch domain database:
NT_STATUS_ACCESS_DENIED
What I want to accomplish is to remove Windows NT 4.0 server as PDC and
make Samba our Primary Domain Controller.
Also, I'm not sure if I have tdbsam setup correctly. How do you set it up
correctly? is there a command I should run or should I just edit smb.conf
file and add tdbsam? please see below for my smb.conf configuration.
# Global parameters [global] workgroup = MyDomain netbios
name = rock server string = rock (Samba %v) security =
domain interfaces = eth0 192.168.1.2 encrypt passwords =
yes passdb backend =
tdbsam:/var/lib/samba/private/passdb.tdb passdb expand explicit =
no log file = /usr/local/var/log/log.smb max log size =
50 dns proxy = No wins server = 192.168.1.3 name
resolve order = wins host lmhosts ldap ssl = no log level =
5 passdb:5 auth:10 winbind:2 syslog = 3 domain master =
no domain logons = no
I send an email to this list yesterday abd I thought I should email back
to remind everyone. I am a total newbie and would like much help is
possible. Thank you in advance.
FYI: As it stand, I have samba as our member server only and using it to
host filesharing. Our users login to the domain using domain accounts.
-- To unsubscribe from this list go to the following URL and read the
instructions:
<https://lists.samba.org/mailman/listinfo/samba>https://lists.samba.org/mailman/listinfo/samba
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba
