Samba RC1 fails to migrate the users and groups from an NT4 PDC to ldapsam. The Samba server has joined the domain as BDC and "net rpc samdump" shows all users and groups with password etc.. Samba does migrate users if they already had an posixAccount in LDAP, the LDAP attributes look good, I will test login ability tomorrow. What Samba doeas not migrate are all users who are not already in LDAP, all groups and all host accounts. I cannot remember if the sambadomainName object was created by me or by Samba, but it is correctly in LDAP. I attached the output of vampire and added some comments, hope this will help you. There are no informations about the vampire in log.smbd/nmbd. Fetching DOMAIN database SAM_DELTA_DOMAIN_INFO not handled // groups are not created Creating unix group: 'DomCreating unix group: 'DomCreating unix group: 'DomCreating unix group: 'FML-BWL-Benutzer' Creating unix group: 'FML-BWL-Sekretariat' Creating unix group: 'FML-BWL-EOP' Creating unix group: 'FML-BWL-Programme' Creating unix group: 'FML-BWL-WertFleisch' // These are not created Creating account: Administrator Creating account: Gast // These are already as posixAccount in LDAP Creating account: Betz [2003/08/19 16:57:56, 0] utils/net_rpc_samsync.c:fetch_account_info(485) Primary group of Betz has no mapping! Creating account: Schorr [2003/08/19 16:57:56, 0] utils/net_rpc_samsync.c:fetch_account_info(485) Primary group of Schorr has no mapping! Creating account: Gruber [2003/08/19 16:57:56, 0] utils/net_rpc_samsync.c:fetch_account_info(485) Primary group of Gruber has no mapping! Creating account: Bibliothek Creating account: Dustmann [2003/08/19 16:57:56, 0] utils/net_rpc_samsync.c:fetch_account_info(485) Primary group of Dustmann has no mapping! // These are not in LDAP Creating account: Hiwint Creating account: Stockmeyer // Workstations are not created Creating account: PC13$ Creating account: PC02$ Creating account: PC03$ Creating account: PC04$ Creating account: PC05$ Creating account: PC07$ Creating account: PC08$ Creating account: PC09$ Creating account: PC10$ Creating account: PC11$ Creating account: PC14$ Creating account: PC15$ Creating account: PC16$ Creating account: PC17$ Creating account: PC18$ Creating account: PC12$ Creating account: PC00$ Creating account: PC01$ Creating account: PC06$ Creating account: NOVI$ Creating account: Sweepupd Creating account: DECI$ Creating account: PCNB00$ Creating account: TUX1$ [2003/08/19 16:57:57, 0] utils/net_rpc_samsync.c:fetch_group_mem_info(586) Could not find global group 512 [2003/08/19 16:57:57, 0] utils/net_rpc_samsync.c:fetch_group_mem_info(586) Could not find global group 513 [2003/08/19 16:57:57, 0] utils/net_rpc_samsync.c:fetch_group_mem_info(586) Could not find global group 514 [2003/08/19 16:57:57, 0] utils/net_rpc_samsync.c:fetch_group_mem_info(586) Could not find global group 1004 [2003/08/19 16:57:57, 0] utils/net_rpc_samsync.c:fetch_group_mem_info(586) Could not find global group 1005 [2003/08/19 16:57:57, 0] utils/net_rpc_samsync.c:fetch_group_mem_info(586) Could not find global group 1006 [2003/08/19 16:57:57, 0] utils/net_rpc_samsync.c:fetch_group_mem_info(586) Could not find global group 1007 [2003/08/19 16:57:57, 0] utils/net_rpc_samsync.c:fetch_group_mem_info(586) Could not find global group 1008 Fetching BUILTIN database SAM_DELTA_DOMAIN_INFO not handled // these groups are not created Creating unix group: 'Administratoren' Creating unix group: 'Benutzer' Creating unix group: 'Druck-Operatoren' Creating unix group: 'GCreating unix group: 'Konten-Operatoren' Creating unix group: 'Replikations-Operator' Creating unix group: 'Server-Operatoren' Creating unix group: 'Sicherungs-Operatoren'
I did not set up add user/machine scripts, this may cause the vampire to fail. Is there also a add group script? The documentation should be updated that these script are absolutly required. There should be also some example scripts, I do not know at all what kind of script is needed here.
RC2 will ship with this issue unresolved. We'll put it on the plate for RC3 and hope to resolve it by then.
Reproduced on my system. I think you're right about the add scripts. I will investigate further.
assign to me
Roland, you definitely need an 'add user script' and an 'add machine script' entry in your smb.conf for this to work. There are a bunch of sample scripts available in the examples/LDAP directory of the Samba distribution. I've changed the vampire code a bit so it at least displays an error if it can't create a posix account for the user. It's a bit of a cop-out but fixing it properly would involve too much of a rewrite at this late stage of the 3.0 release. Sorry. )-: I hope to work more on the vampire/bdc code after 3.0 is out.
reseting target milestone. 3.0.1 has been frozen. WIll have to re-evaluate these.
tim say ok to close
originally reported against one of the 3.0.0rc[1-4] releases. Cleaning up non-production versions.
sorry for the same, cleaning up the database to prevent unecessary reopens of bugs.
database cleanup