FAQ
Hopefully very easy question to answer. I am trying to migrate data of of
a samba server that is using winbind joined to a windows domain to another
box. What samba or winbind files do I need so that this will resolve to
names rather than UID and GID. For example........
drwxr-x--- 1049 10926 10005 36864 May 15 11:46 Student

Thanks
--
Bo Lynch

Search Discussions

  • JohnS at May 21, 2009 at 6:43 pm

    On Thu, 2009-05-21 at 14:16 -0400, Bo Lynch wrote:
    Hopefully very easy question to answer. I am trying to migrate data of of
    a samba server that is using winbind joined to a windows domain to another
    box. What samba or winbind files do I need so that this will resolve to
    names rather than UID and GID. For example........
    drwxr-x--- 1049 10926 10005 36864 May 15 11:46 Student

    Thanks
    --
    Migrate what data exactly? Is winbindd/samba your domain controller or
    is it on a Active Directory Server?

    Caveat is you don't need winbindd. If you using winbind with AD then
    save your *.tdb files. Depends on your situation totally. Kerberos cache
    come to mind also. You smb.conf also. Just to migrate user data none of
    the above is needed. This answer you ? ?. As far as I know UID and GID
    is the only way to inter operate with AD...

    JohnStanley
  • Bo Lynch at May 21, 2009 at 6:48 pm

    On Thu, May 21, 2009 2:43 pm, JohnS wrote:
    On Thu, 2009-05-21 at 14:16 -0400, Bo Lynch wrote:
    Hopefully very easy question to answer. I am trying to migrate data of
    of
    a samba server that is using winbind joined to a windows domain to
    another
    box. What samba or winbind files do I need so that this will resolve to
    names rather than UID and GID. For example........
    drwxr-x--- 1049 10926 10005 36864 May 15 11:46 Student

    Thanks
    --
    Migrate what data exactly? Is winbindd/samba your domain controller or
    is it on a Active Directory Server?

    Caveat is you don't need winbindd. If you using winbind with AD then
    save your *.tdb files. Depends on your situation totally. Kerberos cache
    come to mind also. You smb.conf also. Just to migrate user data none of
    the above is needed. This answer you ? ?. As far as I know UID and GID
    is the only way to inter operate with AD...

    JohnStanley
    The situation I'm in is that this box is joining to a win2000 PDC using
    samba+winbind for setting permissions on files and dir with domain
    users/groups. When I do a ls -l I just see the uid or gid instead of the
    domainame+_user domainname+group which is causing samba not to know who
    owns the file.
  • Toby Bluhm at May 21, 2009 at 7:33 pm

    Bo Lynch wrote:
    On Thu, May 21, 2009 2:43 pm, JohnS wrote:
    On Thu, 2009-05-21 at 14:16 -0400, Bo Lynch wrote:
    Hopefully very easy question to answer. I am trying to migrate data of
    of
    a samba server that is using winbind joined to a windows domain to
    another
    box. What samba or winbind files do I need so that this will resolve to
    names rather than UID and GID. For example........
    drwxr-x--- 1049 10926 10005 36864 May 15 11:46 Student

    Thanks
    --
    Migrate what data exactly? Is winbindd/samba your domain controller or
    is it on a Active Directory Server?

    Caveat is you don't need winbindd. If you using winbind with AD then
    save your *.tdb files. Depends on your situation totally. Kerberos cache
    come to mind also. You smb.conf also. Just to migrate user data none of
    the above is needed. This answer you ? ?. As far as I know UID and GID
    is the only way to inter operate with AD...

    JohnStanley
    The situation I'm in is that this box is joining to a win2000 PDC using
    samba+winbind for setting permissions on files and dir with domain
    users/groups. When I do a ls -l I just see the uid or gid instead of the
    domainame+_user domainname+group which is causing samba not to know who
    owns the file.
    Is winbind added to the appropriate fields in nsswitch.conf?

    --
    tkb
  • Bo Lynch at May 21, 2009 at 7:29 pm

    On Thu, May 21, 2009 3:33 pm, Toby Bluhm wrote:
    Bo Lynch wrote:
    On Thu, May 21, 2009 2:43 pm, JohnS wrote:
    On Thu, 2009-05-21 at 14:16 -0400, Bo Lynch wrote:
    Hopefully very easy question to answer. I am trying to migrate data of
    of
    a samba server that is using winbind joined to a windows domain to
    another
    box. What samba or winbind files do I need so that this will resolve
    to
    names rather than UID and GID. For example........
    drwxr-x--- 1049 10926 10005 36864 May 15 11:46
    Student

    Thanks
    --
    Migrate what data exactly? Is winbindd/samba your domain controller or
    is it on a Active Directory Server?

    Caveat is you don't need winbindd. If you using winbind with AD then
    save your *.tdb files. Depends on your situation totally. Kerberos
    cache
    come to mind also. You smb.conf also. Just to migrate user data none of
    the above is needed. This answer you ? ?. As far as I know UID and GID
    is the only way to inter operate with AD...

    JohnStanley
    The situation I'm in is that this box is joining to a win2000 PDC using
    samba+winbind for setting permissions on files and dir with domain
    users/groups. When I do a ls -l I just see the uid or gid instead of the
    domainame+_user domainname+group which is causing samba not to know who
    owns the file.
    Is winbind added to the appropriate fields in nsswitch.conf?

    --

    Yes
  • Toby Bluhm at May 21, 2009 at 7:39 pm

    The situation I'm in is that this box is joining to a win2000 PDC using
    samba+winbind for setting permissions on files and dir with domain
    users/groups. When I do a ls -l I just see the uid or gid instead of the
    domainame+_user domainname+group which is causing samba not to know who
    owns the file.
    Is winbind added to the appropriate fields in nsswitch.conf?

    --

    Yes

    Is wbind running? Does any of the wbinfo commands give what you expect?


    --
    tkb
  • JohnS at May 21, 2009 at 7:57 pm

    On Thu, 2009-05-21 at 15:39 -0400, Toby Bluhm wrote:
    The situation I'm in is that this box is joining to a win2000 PDC using
    samba+winbind for setting permissions on files and dir with domain
    users/groups. When I do a ls -l I just see the uid or gid instead of the
    domainame+_user domainname+group which is causing samba not to know who
    owns the file.
    Is winbind added to the appropriate fields in nsswitch.conf?

    --

    Yes

    Is wbind running? Does any of the wbinfo commands give what you expect?
    Hey what is winbindd need for? I don't need it!
    ----------------------------------------
    [global]
    workgroup = yourstruly.local
    password server = yourstruly.local
    realm = YOURSTRULY.LOCAL
    security = ads
    idmap uid = 16777216-33554431
    idmap gid = 16777216-33554431
    template shell = /bin/false
    winbind use default domain = false
    winbind offline logon = false
    ----------------------------------------
  • JohnS at May 21, 2009 at 7:45 pm

    On Thu, 2009-05-21 at 14:48 -0400, Bo Lynch wrote:
    On Thu, May 21, 2009 2:43 pm, JohnS wrote:
    On Thu, 2009-05-21 at 14:16 -0400, Bo Lynch wrote:
    Hopefully very easy question to answer. I am trying to migrate data of
    of
    a samba server that is using winbind joined to a windows domain to
    another
    box. What samba or winbind files do I need so that this will resolve to
    names rather than UID and GID. For example........
    drwxr-x--- 1049 10926 10005 36864 May 15 11:46 Student

    Thanks
    --
    Migrate what data exactly? Is winbindd/samba your domain controller or
    is it on a Active Directory Server?

    Caveat is you don't need winbindd. If you using winbind with AD then
    save your *.tdb files. Depends on your situation totally. Kerberos cache
    come to mind also. You smb.conf also. Just to migrate user data none of
    the above is needed. This answer you ? ?. As far as I know UID and GID
    is the only way to inter operate with AD...

    JohnStanley
    The situation I'm in is that this box is joining to a win2000 PDC using
    samba+winbind for setting permissions on files and dir with domain
    users/groups. When I do a ls -l I just see the uid or gid instead of the
    domainame+_user domainname+group which is causing samba not to know who
    owns the file.
    ---
    To be truthfull it sounds like the Machine SID has been changed or a
    domain added and deleted on the AD server. Can you from the AD server in
    AD Users and Groups confirm the same thing from a mapped share by
    looking at the user listed in it? Of cousre this required the Samba host
    to have the drive mounted with the acl option.

    JohnStanley
  • JohnS at May 21, 2009 at 6:50 pm

    On Thu, 2009-05-21 at 14:16 -0400, Bo Lynch wrote:
    What samba or winbind files do I need so that this will resolve to
    names rather than UID and GID. For example........
    drwxr-x--- 1049 10926 10005 36864 May 15 11:46 Student
    ---
    Ok lets take away AD. To use regular name authentication. Add your users
    to the system and put them in a group. Then use smbpassd username. That
    way users are authenticated by USER_NAME. You will have to change the
    authentication mode to security = user in smb.conf.

    JohnStanley
  • Fabian Arrotin at May 22, 2009 at 6:37 pm

    Bo Lynch wrote:
    Hopefully very easy question to answer. I am trying to migrate data of of
    a samba server that is using winbind joined to a windows domain to another
    box. What samba or winbind files do I need so that this will resolve to
    names rather than UID and GID. For example........
    drwxr-x--- 1049 10926 10005 36864 May 15 11:46 Student
    If you mean that you migrate data from one samba server to another *non*
    samba machine it depends how your newly machine is/will be configured.
    Is the samba domain ADS based ? have you used the idmap_rid feature ? (a
    *must* when having multiple linux/unix machines using winbind in a AD
    domain to have a consistent id/sid mapping accross all the samba
    machines instead of the 'first come, first serve' id from from idmap pool) .
    If not, don't forget that even if you configure winbind/samba the same
    way it was on the old machine, the uid/gid map will never be the same
    (except when using idmap_rid directly)
    So my advice is just to backup the permissions on the old machine (with
    getfacl) , rsync the data, join the new machine to the domain, and
    restores permissions back (with setfacl --restore)

    --
    --
    Fabian Arrotin
    idea=`grep -i clue /dev/brain`
    test -z "$idea" && echo "sorry, init 6 in progress" || sh ./answer.sh
  • JohnS at May 23, 2009 at 4:38 pm

    On Fri, 2009-05-22 at 20:37 +0200, Fabian Arrotin wrote:
    Bo Lynch wrote:
    Hopefully very easy question to answer. I am trying to migrate data of of
    a samba server that is using winbind joined to a windows domain to another
    box. What samba or winbind files do I need so that this will resolve to
    names rather than UID and GID. For example........
    drwxr-x--- 1049 10926 10005 36864 May 15 11:46 Student
    If you mean that you migrate data from one samba server to another *non*
    samba machine it depends how your newly machine is/will be configured.
    Is the samba domain ADS based ? have you used the idmap_rid feature ? (a
    *must* when having multiple linux/unix machines using winbind in a AD
    domain to have a consistent id/sid mapping accross all the samba
    machines instead of the 'first come, first serve' id from from idmap pool) .
    If not, don't forget that even if you configure winbind/samba the same
    way it was on the old machine, the uid/gid map will never be the same
    (except when using idmap_rid directly)
    So my advice is just to backup the permissions on the old machine (with
    getfacl) , rsync the data, join the new machine to the domain, and
    restores permissions back (with setfacl --restore)
    ---
    What about the Old Samba SID Number? He will need that also. There is a
    whole section of a couple pages explaining on how to do this in "Samba 3
    Howto.pdf" from samba.org. He is much better off reading it himself than
    anyone trying to explain it to him. He also needs to take into
    consideration of my previous post to him if that is the case also.

    JohnStanley

Related Discussions

Discussion Navigation
viewthread | post
Discussion Overview
groupcentos @
categoriescentos
postedMay 21, '09 at 6:16p
activeMay 23, '09 at 4:38p
posts11
users4
websitecentos.org
irc#centos

People

Translate

site design / logo © 2022 Grokbase