Web lists-archives.com

Re: [Samba] Migrating from Samba 3: no groups/users are imported ("listed, but then not found", "does not belong to our domain")




Rowland Penny via samba писал 2018-09-05 15:56:
On Wed, 05 Sep 2018 15:26:30 +0700
Konstantin Boyandin via samba <samba@xxxxxxxxxxxxxxx> wrote:

Exactly that. I need to create a separate domain; after all the
checks are done that switching to it works, the computers will rejoin
the new domain. Our Samba 3 domain is used for years; since Window 10
is unable to join it any more, we are finally migrating everything to
Samba 4.

Then you might as well just provision a new domain, dump your users,
groups etc to a file. Write a script to parse the file and then add
them to your new AD.

Current approach does import users and groups; it only fails to assign users to groups properly. It can do already, but I would prefer less manual interaction.

Note: every user belongs to "Domain Users" group, other group
memberships are lost.

Yes, every AD users primary group is Domain Users, your other problem
is very probably being caused by the way you are trying to bend the
classicupgrade upgrade script

I am not sure what I am "bending".

The classic upgrade did fail in exactly the same way even when I tried to do it literally as the corresponding guide tells:

https://wiki.samba.org/index.php/Migrating_a_Samba_NT4_Domain_to_Samba_AD_(Classic_Upgrade)

(i.e. while keeping same workgroup name)

All I did was to ensure the new domain with unique SID is generated. From the viewpoint of LDAP database, domain SID matches groups/users SID, so a) why the above problem b) why classic upgrade *does* copy users/groups anyway?

Thanks.

Sincerely,
Konstantin

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba