Bug 323 - net rpc vampire fails with ldapsam
net rpc vampire fails with ldapsam
Status: CLOSED FIXED
Product: Samba 3.0
Classification: Unclassified
Component: net utility
3.0.0preX
All Linux
: P2 major
: none
Assigned To: Tim Potter
:
Depends on:
Blocks: 826
  Show dependency treegraph
 
Reported: 2003-08-19 08:27 UTC by Roland Gruber
Modified: 2005-11-14 09:25 UTC (History)
0 users

See Also:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Roland Gruber 2003-08-19 08:27:42 UTC
Samba RC1 fails to migrate the users and groups from an NT4 PDC to ldapsam.
The Samba server has joined the domain as BDC and "net rpc samdump" shows all
users and groups with password etc..
Samba does migrate users if they already had an posixAccount in LDAP, the LDAP
attributes look good, I will test login ability tomorrow.
What Samba doeas not migrate are all users who are not already in LDAP, all
groups and all host accounts.
I cannot remember if the sambadomainName object was created by me or by Samba,
but it is correctly in LDAP.

I attached the output of vampire and added some comments, hope this will help
you. There are no informations about the vampire in log.smbd/nmbd.


Fetching DOMAIN database
SAM_DELTA_DOMAIN_INFO not handled
// groups are not created
Creating unix group: 'DomCreating unix group: 'DomCreating unix group:
'DomCreating unix group: 'FML-BWL-Benutzer'
Creating unix group: 'FML-BWL-Sekretariat'
Creating unix group: 'FML-BWL-EOP'
Creating unix group: 'FML-BWL-Programme'
Creating unix group: 'FML-BWL-WertFleisch'
// These are not created
Creating account: Administrator
Creating account: Gast
// These are already as posixAccount in LDAP
Creating account: Betz
[2003/08/19 16:57:56, 0] utils/net_rpc_samsync.c:fetch_account_info(485)
  Primary group of Betz has no mapping!
Creating account: Schorr
[2003/08/19 16:57:56, 0] utils/net_rpc_samsync.c:fetch_account_info(485)
  Primary group of Schorr has no mapping!
Creating account: Gruber
[2003/08/19 16:57:56, 0] utils/net_rpc_samsync.c:fetch_account_info(485)
  Primary group of Gruber has no mapping!
Creating account: Bibliothek
Creating account: Dustmann
[2003/08/19 16:57:56, 0] utils/net_rpc_samsync.c:fetch_account_info(485)
  Primary group of Dustmann has no mapping!
// These are not in LDAP
Creating account: Hiwint
Creating account: Stockmeyer
// Workstations are not created
Creating account: PC13$
Creating account: PC02$
Creating account: PC03$
Creating account: PC04$
Creating account: PC05$
Creating account: PC07$
Creating account: PC08$
Creating account: PC09$
Creating account: PC10$
Creating account: PC11$
Creating account: PC14$
Creating account: PC15$
Creating account: PC16$
Creating account: PC17$
Creating account: PC18$
Creating account: PC12$
Creating account: PC00$
Creating account: PC01$
Creating account: PC06$
Creating account: NOVI$
Creating account: Sweepupd
Creating account: DECI$
Creating account: PCNB00$
Creating account: TUX1$
[2003/08/19 16:57:57, 0] utils/net_rpc_samsync.c:fetch_group_mem_info(586)
  Could not find global group 512
[2003/08/19 16:57:57, 0] utils/net_rpc_samsync.c:fetch_group_mem_info(586)
  Could not find global group 513
[2003/08/19 16:57:57, 0] utils/net_rpc_samsync.c:fetch_group_mem_info(586)
  Could not find global group 514
[2003/08/19 16:57:57, 0] utils/net_rpc_samsync.c:fetch_group_mem_info(586)
  Could not find global group 1004
[2003/08/19 16:57:57, 0] utils/net_rpc_samsync.c:fetch_group_mem_info(586)
  Could not find global group 1005
[2003/08/19 16:57:57, 0] utils/net_rpc_samsync.c:fetch_group_mem_info(586)
  Could not find global group 1006
[2003/08/19 16:57:57, 0] utils/net_rpc_samsync.c:fetch_group_mem_info(586)
  Could not find global group 1007
[2003/08/19 16:57:57, 0] utils/net_rpc_samsync.c:fetch_group_mem_info(586)
  Could not find global group 1008
Fetching BUILTIN database
SAM_DELTA_DOMAIN_INFO not handled
// these groups are not created
Creating unix group: 'Administratoren'
Creating unix group: 'Benutzer'
Creating unix group: 'Druck-Operatoren'
Creating unix group: 'GCreating unix group: 'Konten-Operatoren'
Creating unix group: 'Replikations-Operator'
Creating unix group: 'Server-Operatoren'
Creating unix group: 'Sicherungs-Operatoren'
Comment 1 Roland Gruber 2003-08-22 05:32:34 UTC
I did not set up add user/machine scripts, this may cause the vampire to fail.
Is there also a add group script?
The documentation should be updated that these script are absolutly required.
There should be also some example scripts, I do not know at all what kind of
script is needed here.
Comment 2 Gerald (Jerry) Carter 2003-08-27 13:05:15 UTC
RC2 will ship with this issue unresolved.  We'll put it on 
the plate for RC3 and hope to resolve it by then.
Comment 3 Tim Potter 2003-09-09 23:02:45 UTC
Reproduced on my system.  I think you're right about the add scripts.  I will
investigate further.
Comment 4 Tim Potter 2003-09-09 23:03:08 UTC
assign to me
Comment 5 Tim Potter 2003-09-09 23:58:24 UTC
Roland, you definitely need an 'add user script' and an 'add machine script'
entry in your smb.conf for this to work.  There are a bunch of sample scripts
available in the examples/LDAP directory of the Samba distribution.

I've changed the vampire code a bit so it at least displays an error if it can't
create a posix account for the user.  It's a bit of a cop-out but fixing it
properly would involve too much of a rewrite at this late stage of the 3.0
release.  Sorry.  )-:

I hope to work more on the vampire/bdc code after 3.0 is out.
Comment 6 Gerald (Jerry) Carter 2003-12-12 08:27:54 UTC
reseting target milestone.  3.0.1 has been frozen.  WIll have to 
re-evaluate these.
Comment 7 Gerald (Jerry) Carter 2004-02-10 14:38:24 UTC
tim say ok to close
Comment 8 Gerald (Jerry) Carter 2005-02-07 09:06:22 UTC
originally reported against one of the 3.0.0rc[1-4] releases.
Cleaning up non-production versions.
Comment 9 Gerald (Jerry) Carter 2005-08-24 10:16:32 UTC
sorry for the same, cleaning up the database to prevent unecessary reopens of bugs.
Comment 10 Gerald (Jerry) Carter 2005-11-14 09:25:50 UTC
database cleanup