Hi! We have a Samba domain controller in very old RedHat. How should I move it to a new SuSE 9.2? I need to move the PDC functionality, the users and the files. There are not that many users, so they could all set their passwords again if it's not possible to move them. First thing, how do I import the users to SuSE 9.2? The RH system doesn't use shadow (if that helps). I need to import them to both linux (the normal /etc/passwd) as well as samba... there isn't any import system? Next, what to I need to do to move the computers (windows clients)? Just import them as normal users? To both linux main users as well as samba users? How about synchronization of the passwords from samba (windows client) to unix? Windows users must change their passwords from windows. Then the switch... should I first switch off the old server (at least the samba) and after that configure the new server as PDC to the same domain and start that up. I'm expecting to do as much as possible through the Yast GUI, but as with many other things... I think it's not enough and I need to go to the conf-files. What kind of problems should I expect? -- Hugo.
On Mon, 2005-02-28 at 12:53 +0200, Hugo wrote:
What kind of problems should I expect? I have moved a winbind/samba installation across servers, and I think you should find it reasonably easy. Find all the tdb files from the old installation, and copy them to the new one (on suse I think its /var/lib/samba by default. This will copy your username maps etc across) I am not sure how to transfer your local users across though, I am sure someone else on the list can help with that. Maybe if you convert to /etc/shadow on the redhat box first, then copy the files. (try to use blowfish for the passwords hash, this is default in suse 92)
Since I'm currently doing the same stuff (transfering PDC from an old Caldera box to Suse 9.1), maybe I can be of some assistance. But first of all I sugest you really should read some very good (and free) books on Samba - "Official HOWTO and Reference Guide" and "Samba 3 by Example" for start. You can find them on Samba web page.
There are not that many users, so they could all set their passwords again if it's not possible to move them. First thing, how do I import the users to SuSE 9.2? The RH system doesn't use shadow (if that helps). I need to import them to both linux (the normal /etc/passwd) as well as samba... there isn't any import system?
Moving passwd file should be easy. You should first run command "pwck" on your old system to check for inconsistencies in passwd files (mixed uids etc.) Then just copy it over to new machine (to /tmp), delete unnecessary (system) accounts from it and then APPEND this passwd file to /etc/passwd. After that run "pwconv" command on Suse to convert new entries from passwd to shadow. This procedure should retain all passwords! Samba passwords are same story (I guess you're using smbpasswd backend) - just copy smbpasswd to Suse's /etc/samba and that's it.
Next, what to I need to do to move the computers (windows clients)? Just import them as normal users? To both linux main users as well as samba users?
I don't really understand what you mean by "moving the computers" - I guess you mean what about all those accounts that end with $? They are exactly like normal accounts, so just do it the same way.
Then the switch... should I first switch off the old server (at least the samba) and after that configure the new server as PDC to the same domain and start that up. I'm expecting to do as much as possible through the Yast GUI, but as with many other things... I think it's not enough and I need to go to the conf-files.
There is one important thing you shoud know about PDC's - every domain controller has a SID number, and you MUST insert this SID into your new Samba installation, otherwise your W2k/XP clients won't be able to login. What version of Samba are you currently running? You can get the SID with smbpasswd command, but I don't remember the correct parameter - consult the docs and manpages. If anyone else has some info on moving PDC to new installation, I'd sure like to hear it. robert
Hi : A friend of mine got me a copy of SLSE9 and I want to install it !! Can I ??? do I have to buy a license?? Thanks
Hi :
A friend of mine got me a copy of SLSE9 and I want to install it !! Can I ??? do I have to buy a license??
Since it's licensed software, you'll have to read the license aggreement your friend have. There are licenses for installation onto several computers. If uncertain, contact Novell/SuSE to verify what the license covers. (Also, SLES questions should be the in suse-sles-e list, not here) Anders Norrbring Norrbring Consulting
Anders Norrbring wrote:
Hi :
A friend of mine got me a copy of SLSE9 and I want to install it !! Can I ??? do I have to buy a license??
Since it's licensed software, you'll have to read the license aggreement your friend have. There are licenses for installation onto several computers.
If uncertain, contact Novell/SuSE to verify what the license covers. (Also, SLES questions should be the in suse-sles-e list, not here)
At last year's Real World Linux conference, in Toronto, Novell was handing out copies of SLE8. They said that it could be copied and used, but there would be no support available.
On Wed, Mar 02, 2005 at 09:13:25AM -0500, James Knott wrote:
Anders Norrbring wrote:
Hi :
A friend of mine got me a copy of SLSE9 and I want to install it !! Can I ??? do I have to buy a license??
Since it's licensed software, you'll have to read the license aggreement your friend have. There are licenses for installation onto several computers.
If uncertain, contact Novell/SuSE to verify what the license covers. (Also, SLES questions should be the in suse-sles-e list, not here)
At last year's Real World Linux conference, in Toronto, Novell was handing out copies of SLE8. They said that it could be copied and used, but there would be no support available.
Think of this the next time someone bashes Novell for trying to make money and maintain a business. They are one of the most giving companies I've ever seen.
-- Check the headers for your unsubscription address For additional commands send e-mail to suse-linux-e-help@suse.com Also check the archives at http://lists.suse.com Please read the FAQs: suse-linux-e-faq@suse.com
On Wednesday 02 March 2005 12:25, Helder Lopes wrote:
Hi :
A friend of mine got me a copy of SLSE9 and I want to install it !! Can I ??? do I have to buy a license??
Thanks
You can use it, but you not be able to install any updates/security fixes. For that, you need a license. Josephine
Hi :
A friend of mine got me a copy of SLSE9 and I want to install it !! Can I ??? do I have to buy a license??
Thanks
You can use it, but you not be able to install any updates/security fixes. For that, you need a license.
He *CAN*, but if the license agreement is for use on ONE computer, it's most definitely a license agreement breach. It's NOT allowed. Refer to the Novell sales department for info.
On Wednesday 02 March 2005 13:49, Anders Norrbring wrote:
He *CAN*, but if the license agreement is for use on ONE computer, it's most definitely a license agreement breach. It's NOT allowed.
It's allowed to install as many times as you want, you can get the .isos from Novell. What you have to pay for is access to patches, service packs and the right to install new versions when they are released, free of additional charge. This is called Annual Upgrade Protection. AUP has to be paid for each machine. You cannot have AUP for some machines in your company and for others not. It's either you have it for all of them or you don't have it at all. And, of course, for real production work, not having UP is braindamage. For testing, to see what's SLES9 like, Novell gives you 1 month of Upgrade Protection, so you can install and update it. http://www.novell.com/products/linuxenterpriseserver/eval.html
Anders Norrbring wrote:
Hi :
A friend of mine got me a copy of SLSE9 and I want to install it !! Can
I
??? do I have to buy a license??
Thanks
You can use it, but you not be able to install any updates/security fixes. For that, you need a license.
He *CAN*, but if the license agreement is for use on ONE computer, it's most definitely a license agreement breach. It's NOT allowed. Refer to the Novell sales department for info.
According to a Novell rep last year, they can be copied.
Hi! Back on line, finally... but not because of the samba PDC update :-) On Mon, 28 Feb 2005 16:55:07 +0100, Robert Manfreda <robert.manfreda@ydria-motors.si> wrote:
Next, what to I need to do to move the computers (windows clients)? Just import them as normal users? To both linux main users as well as samba users?
I don't really understand what you mean by "moving the computers" - I guess you mean what about all those accounts that end with $? They are exactly like normal accounts, so just do it the same way.
That's what I meant. And thanks for all the other very helpfull advices. BTW, if I import new users by just appending them to /etc/passwd... do I need to manually create their home dirs? Or will those be automatically created when they first login? What about if they never log in from X, just samba or maybe SSH?
There is one important thing you shoud know about PDC's - every domain controller has a SID number, and you MUST insert this SID into your new Samba installation, otherwise your W2k/XP clients won't be able to login. What version of Samba are you currently running? You can get the SID with smbpasswd command, but I don't remember the correct parameter - consult the docs and manpages.
This is the kind of thing that I was worried about. But what do you exacly mean... do you mean that if I change the PDC to another computer with the same domain name and same server name, then the windows clients will not connect? Is it that the windows clients remember the server and it's unique SID and refuse to connect? I will have the same domain name, but different server (name). So I was thinking that the clients should not have any problems with the server and anything unique about it... I was actually going to try it by creating a test domain and testing the user and workstation transfers in that. After I got everything working, I was going to just change the domain name to the same as currently... and reboot all the clients or something :-) Of course there are lot's of smaller details still before I can actually do the switch (like checking the logon scripts and so on), but I'm going to get started this weekend. -- Hugo.
participants (9)
-
Allen -
Anders Norrbring -
Hamish -
Helder Lopes -
Hugo -
James Knott -
Josephine -
Robert Manfreda -
Silviu Marin-Caea