Re: [Samba] Import samba 3 to samba 4
On 08/08/2010 12:44 AM, Michael Wood wrote: On 7 August 2010 19:11, Nico Kadel-Garcianka...@gmail.com wrote: On Mon, Aug 2, 2010 at 10:06 AM, Dave Thurstondthurs...@comcast.net wrote: I have searched but I have yet to find a method to import users and passwords from a samba3/ldap system to samba4. Is there available a method of doing this? Why do you need to import? Isn't the backend Kerberos and the account informat sufficiently similar that you can simply switch over? (I ask as someone using Samba 3, eyeing Samba 4 with interest to get LDAP out of the hands of Active Directory.) By default Samba 4 uses its own built in LDAP server and the OpenLDAP backend is currently not working properly. I have managed to migrate users from an Apple Open Directory server (which is based on MIT Kerberos and OpenLDAP) to Samba 4, but I was only using Open Directory for authentication of one service. No machines joined to OD or anything like that. All I needed to do was dump the kerberos database, import it to Heimdal, dump it from Heimdal again and then use the password hashes from the Heimdal dump to create the necessary unicodePwd attributes in Samba's directory. After that I used ldapsearch to get hold of the groups each user was a member of and then used ldbmodify (or perhaps ldapmodify. I can't remember now) to migrate them to Samba. I've never used Samba 3 as a PDC, so I'm not sure what the LDAP schema looks like and how it differs from what Samba 4 uses, but as long as the password hashes are in a compatible format, I imagine it's just a matter of slapcat or ldapsearch, munging the results and then ldbmodify to add the users to Samba 4. I don't know of an existing script to do this. I have started writing a script that will pull account information (Users, Groups and Computers) from s3's ldap backend and import it to s4. its still early days though. I'm pretty sure that there will be loads of hurdles to jump before is in any usable state Regards Luk Cc: samba-technical -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Import samba 3 to samba 4
Am 10.08.2010 11:39, schrieb Lukasz Zalewski: On 08/08/2010 12:44 AM, Michael Wood wrote: On 7 August 2010 19:11, Nico Kadel-Garcianka...@gmail.com wrote: On Mon, Aug 2, 2010 at 10:06 AM, Dave Thurstondthurs...@comcast.net wrote: I have searched but I have yet to find a method to import users and passwords from a samba3/ldap system to samba4. Is there available a method of doing this? Why do you need to import? Isn't the backend Kerberos and the account informat sufficiently similar that you can simply switch over? (I ask as someone using Samba 3, eyeing Samba 4 with interest to get LDAP out of the hands of Active Directory.) By default Samba 4 uses its own built in LDAP server and the OpenLDAP backend is currently not working properly. I have managed to migrate users from an Apple Open Directory server (which is based on MIT Kerberos and OpenLDAP) to Samba 4, but I was only using Open Directory for authentication of one service. No machines joined to OD or anything like that. All I needed to do was dump the kerberos database, import it to Heimdal, dump it from Heimdal again and then use the password hashes from the Heimdal dump to create the necessary unicodePwd attributes in Samba's directory. After that I used ldapsearch to get hold of the groups each user was a member of and then used ldbmodify (or perhaps ldapmodify. I can't remember now) to migrate them to Samba. I've never used Samba 3 as a PDC, so I'm not sure what the LDAP schema looks like and how it differs from what Samba 4 uses, but as long as the password hashes are in a compatible format, I imagine it's just a matter of slapcat or ldapsearch, munging the results and then ldbmodify to add the users to Samba 4. I don't know of an existing script to do this. I have started writing a script that will pull account information (Users, Groups and Computers) from s3's ldap backend and import it to s4. its still early days though. I'm pretty sure that there will be loads of hurdles to jump before is in any usable state I've something that's is almost done for users, groups and computers. It needs a lot of cleanup, then I'll commit it to master/example/*. Currently the script 'myldap-pub.py' expects input.ldif hardcoded (later we can also support ldap urls) metze signature.asc Description: OpenPGP digital signature -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Import samba 3 to samba 4
I have searched but I have yet to find a method to import users and passwords from a samba3/ldap system to samba4. Is there available a method of doing this? Thanks Dave -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Import samba 3 to samba 4
On Mon, Aug 2, 2010 at 10:06 AM, Dave Thurston dthurs...@comcast.net wrote: I have searched but I have yet to find a method to import users and passwords from a samba3/ldap system to samba4. Is there available a method of doing this? Thanks Dave Why do you need to import? Isn't the backend Kerberos and the account informat sufficiently similar that you can simply switch over? (I ask as someone using Samba 3, eyeing Samba 4 with interest to get LDAP out of the hands of Active Directory.) -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Import samba 3 to samba 4
On 7 August 2010 19:11, Nico Kadel-Garcia nka...@gmail.com wrote: On Mon, Aug 2, 2010 at 10:06 AM, Dave Thurston dthurs...@comcast.net wrote: I have searched but I have yet to find a method to import users and passwords from a samba3/ldap system to samba4. Is there available a method of doing this? Why do you need to import? Isn't the backend Kerberos and the account informat sufficiently similar that you can simply switch over? (I ask as someone using Samba 3, eyeing Samba 4 with interest to get LDAP out of the hands of Active Directory.) By default Samba 4 uses its own built in LDAP server and the OpenLDAP backend is currently not working properly. I have managed to migrate users from an Apple Open Directory server (which is based on MIT Kerberos and OpenLDAP) to Samba 4, but I was only using Open Directory for authentication of one service. No machines joined to OD or anything like that. All I needed to do was dump the kerberos database, import it to Heimdal, dump it from Heimdal again and then use the password hashes from the Heimdal dump to create the necessary unicodePwd attributes in Samba's directory. After that I used ldapsearch to get hold of the groups each user was a member of and then used ldbmodify (or perhaps ldapmodify. I can't remember now) to migrate them to Samba. I've never used Samba 3 as a PDC, so I'm not sure what the LDAP schema looks like and how it differs from what Samba 4 uses, but as long as the password hashes are in a compatible format, I imagine it's just a matter of slapcat or ldapsearch, munging the results and then ldbmodify to add the users to Samba 4. I don't know of an existing script to do this. Cc: samba-technical -- Michael Wood esiot...@gmail.com -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
