Latest revision as of 16:11, 18 October 2017

L'upgrade è possibile in place o su un'altra macchina

Preparazione files sul vecchio server

Verificare che non ci siano SID doppi e che i grupi siano mappati correttamente

pdbedit -Lv | grep 'User SID' | sort -n

net groupmap list

Fermare tutti i servizi

systemctl stop nmbd.service 
systemctl stop smbd.service
systemctl stop winbind.service 
<pre>

* Copiare i files che servono per l'upgrade:

<pre>
mkdir /var/lib/samba.OLD/dbdir/
cp -p /etc/passwd /var/lib/samba.OLD/dbdir/
cp -p /etc/group /var/lib/samba.OLD/dbdir/
cp /etc/samba/smb.conf /var/lib/samba.OLD/dbdir/smb.OLD.conf
cp -p /var/lib/samba.OLD/private/secrets.tdb /var/lib/samba.OLD/dbdir/
cp -p /var/lib/samba.OLD/private/schannel_store.tdb /var/lib/samba.OLD/dbdir/
cp -p /var/lib/samba.OLD/private/passdb.tdb /var/lib/samba.OLD/dbdir/
cp -p /var/lib/samba.OLD/var/lock/gencache_notrans.tdb /var/lib/samba.OLD/dbdir/
cp -p /var/lib/samba.OLD/var/locks/group_mapping.tdb /var/lib/samba.OLD/dbdir/
cp -p /var/lib/samba.OLD/var/locks/account_policy.tdb /var/lib/samba.OLD/dbdir/

Fare un tar e trasferirlo sulla nuova macchina:

tar cvzf /tmp/dbdir.tar.gz /var/lib/samba.OLD/dbdir/
scp /tmp/dbdir.tar.gz pubsrv01.pubblistil.priv:/tmp

Upgrade sulla nuova macchina

Installare samba e verificare la versione

apt-get install samba
samba --version

Fermare tutti i servizi:

systemctl stop nmbd.service
systemctl stop smbd.service
pstree -p

Scompattare i files originali e controllare che siano presenti:

cd /
tar -xvzf /tmp/dbdir.tar.gz
ls /var/lib/samba.OLD/

Copiare i files necessari

cp /etc/passwd /etc/passwd.bak
cp /etc/group /etc/group.bak
cp /var/lib/samba.OLD/passwd /etc/passwd
cp /var/lib/samba.OLD/group /etc/group
cp /var/lib/samba.OLD/smb.conf /etc/samba/smb.conf

TODO: eliminare tutti i .tdb esistenti

Lanciare upgrade:

samba-tool \
   domain \
   classicupgrade \
   --dbdir=/var/lib/samba.OLD/dbdir/ \
   --use-xattrs=yes \
   --realm=pubblistil.priv \
   --dns-backend=BIND9_DLZ \
   /var/lib/samba.OLD/dbdir/smb.OLD.conf

Se fallisce con un errore riguardo l'account administrator, e sul vecchio server, non si riesce a cambiare la password di Administrator, significa che l'account è corrotto, ed occorre eliminarlo:

sudo tdbtool /var/lib/samba.OLD/dbdir/passdb.tdb

keys
...
USER_administrator
...
delete USER_Administrator\0

Ripetere l'upgrade

Riferimenti

Migrating a Samba NT4 Domain to Samba AD (Classic Upgrade) - SambaWiki
Samba/Samba 4 Migration - Gentoo Wiki
Upgrading from Samba Server Version 3 | PACKT Books
samba-users Re: [Samba ClassicUpgrade => EpicFail]
Samba/Samba 4 Migration - Gentoo Wiki
[Samba Change samba username with tdbsam backend]
Samba: Renaming a User
Setting up Samba as an Active Directory Domain Controller - SambaWiki
[SOLVED Samba pdbedit error [Archive] - Ubuntu Forums]
Bug 2344 – tdbtool delete command fails

@@ Line 1: / Line 1: @@
 * L'upgrade è possibile in place o su un'altra macchina
-* OLD MACHINE
+=Preparazione files sul vecchio server=
+* Verificare che non ci siano SID doppi e che i grupi siano mappati correttamente
+ pdbedit -Lv | grep 'User SID' | sort -n
+ net groupmap list
+* Fermare tutti i servizi
 <pre>
-pdbedit -Lv
-pdbedit -Lv | grep 'User SID"
-pdbedit -Lv | grep 'User SID'
-pdbedit -Lv | grep 'User SID' | sort -n
-net groupmap list
 systemctl stop nmbd.service
 systemctl stop smbd.service
 systemctl stop winbind.service
-systemctl stop mysql.service
+<pre>
-systemctl stop saslauthd.service
-systemctl stop postgrey.service
+* Copiare i files che servono per l'upgrade:
-systemctl stop nagios-nrpe-server.service
-systemctl stop postfix.service
+<pre>
-systemctl stop fail2ban.service
-systemctl stop incron.service
-systemctl stop cups.s
-systemctl stop cups.service
-systemctl stop apache2.service
-apt-get remove --purge glusterfs-\*
-systemctl stop amavis
-systemctl stop cups
-systemctl stop nfs-common.service
-systemctl stop rpcbind
-systemctl stop clamav-daemon.service
-systemctl stop clamav-freshclam.service
-systemctl stop irqbalance.service
-systemctl stop dovecot.service
-systemctl stop cups-browsed.service
-systemctl stop isc-dhcp-server.service
-apt-get remove --purge avahi-daemon
-pstree -p
-systemctl stop cupsd
-systemctl stop cups.socket
-systemctl stop cups.path
-pstree -p
-ls /var/lib/samba/
-mv /var/lib/samba/ /var/lib/samba.OLD
 mkdir /var/lib/samba.OLD/dbdir/
+cp -p /etc/passwd /var/lib/samba.OLD/dbdir/
+cp -p /etc/group /var/lib/samba.OLD/dbdir/
+cp /etc/samba/smb.conf /var/lib/samba.OLD/dbdir/smb.OLD.conf
 cp -p /var/lib/samba.OLD/private/secrets.tdb /var/lib/samba.OLD/dbdir/
 cp -p /var/lib/samba.OLD/private/schannel_store.tdb /var/lib/samba.OLD/dbdir/
@@ Line 49: / Line 29: @@
 cp -p /var/lib/samba.OLD/var/locks/group_mapping.tdb /var/lib/samba.OLD/dbdir/
 cp -p /var/lib/samba.OLD/var/locks/account_policy.tdb /var/lib/samba.OLD/dbdir/
-ls /var/lock/
-cd /var/lib/samba.OLD/
-ls
-mkdir /var/lib/samba.OLD/dbdir/
-cp -p /var/lib/samba.OLD/private/secrets.tdb /var/lib/samba.OLD/dbdir/
-mkdir -p /var/lib/samba.OLD/dbdir/
-cp -fp /var/lib/samba.OLD/private/secrets.tdb /var/lib/samba.OLD/dbdir/
-clear
-mkdir /var/lib/samba.OLD/dbdir/
-/bin/cp -fp /var/lib/samba.OLD/private/secrets.tdb /var/lib/samba.OLD/dbdir/
-/bin/cp -fp /var/lib/samba.OLD/private/schannel_store.tdb /var/lib/samba.OLD/dbdir/
-/bin/cp -fp /var/lib/samba.OLD/private/passdb.tdb /var/lib/samba.OLD/dbdir/
-/bin/cp -fp /var/lib/samba.OLD/gencache_notrans.tdb /var/lib/samba.OLD/dbdir/
-/bin/cp -fp /var/lib/samba.OLD/group_mapping.tdb /var/lib/samba.OLD/dbdir/
-/bin/cp -fp /var/lib/samba.OLD/account_policy.tdb /var/lib/samba.OLD/dbdir/
-ls
-ls perfmon/
-ls printers/
-ls
-ls private/
-ls private/smbd.tmp/
-ls private/smbd.tmp/msg/
-ls
-ls usershares/
-ls
-ls winbindd_
-ls winbindd_privileged/
-ls
-mv /etc/samba/smb.conf /etc/samba/smb.OLD.conf
-tar cvzf /tmp/dbdir.tar.gz /var/lib/samba.OLD/dbdir/
-/bin/cp -fp /etc/samba/smb.OLD.conf /var/lib/samba.OLD/dbdir/
-tar cvzf /tmp/dbdir.tar.gz /var/lib/samba.OLD/dbdir/
-scp /tmp/dbdir.tar.gz pubsrv01.pubblistil.priv:/tmp
-pdbedit -L
-cd ..
-ls
-cd /etc/samba/
-mv smb.OLD.conf smb.conf
-pdbedit -L
-cd /var/lib/
-mv samba.OLD/ samba
-pdbedit -L
-pdbedit -Lv Administrator
 </pre>
-<pre>
+*  Fare un tar e trasferirlo sulla nuova macchina:
-NEW
-samba --version
+ tar cvzf /tmp/dbdir.tar.gz /var/lib/samba.OLD/dbdir/
-apt-get install samba
+  scp /tmp/dbdir.tar.gz pubsrv01.pubblistil.priv:/tmp
-samba --version
-  vi /etc/samba/smb.conf
+=Upgrade sulla nuova macchina=
-  pstree -p
-systemctl stop nmbd.service
+* Installare samba e verificare la versione
-systemctl stop smbd.service
+  apt-get install samba
-pstree -p
+  samba --version
-  history
-  ls /tmp/
+* Fermare tutti i servizi:
-  tar -tvzf /tmp/dbdir.tar.gz
-cd /
+  systemctl stop nmbd.service
-tar -xvzf /tmp/dbdir.tar.gz
+  systemctl stop smbd.service
-ls /var/lib/samba.OLD/
+  pstree -p
-ls /var/lib/samba
-samba-tool domain classicupgrade --dbdir=/var/lib/samba.OLD/dbdir/ --use-xattrs=yes \
+* Scompattare i files originali e controllare che siano presenti:
---realm=pubblistil.priv --dns-backend=BIND9_DLZ /var/lib/samba.OLD/dbdir/smb.OLD.conf
-samba-tool domain classicupgrade --dbdir=/var/lib/samba.OLD/dbdir/ --use-xattrs=yes --realm=pubblistil.priv --dns-backend=BIND9_DLZ /var/lib/samba.OLD/dbdir/smb.OLD.conf
+  cd /
-  vi /etc/samba/smb.conf
+  tar -xvzf /tmp/dbdir.tar.gz
-  ls
+  ls /var/lib/samba.OLD/
-  sudo mv /etc/samba/smb.conf /etc/samba/smb.conf.ORI
-samba-tool domain classicupgrade --dbdir=/var/lib/samba.OLD/dbdir/ --use-xattrs=yes --realm=pubblistil.priv --dns-backend=BIND9_DLZ /var/lib/samba.OLD/dbdir/smb.OLD.conf
+* Copiare i files necessari
-  cd /var/lib/samba
+  cp /etc/passwd /etc/passwd.bak
-  ls
+  cp /etc/group /etc/group.bak
-  ls private/
+  cp /var/lib/samba.OLD/passwd /etc/passwd
-ls
+  cp /var/lib/samba.OLD/group /etc/group
-  cd ..
+ cp /var/lib/samba.OLD/smb.conf /etc/samba/smb.conf
-  ls
-  mv /var/lib/samba samba.ORI
+* TODO: eliminare tutti i .tdb esistenti
-  samba-tool domain classicupgrade --dbdir=/var/lib/samba.OLD/dbdir/ --use-xattrs=yes --realm=pubblistil.priv --dns-backend=BIND9_DLZ /var/lib/samba.OLD/dbdir/smb.OLD.conf
-sudo mkdir -p /var/lib/samba/private
+* Lanciare upgrade:
-samba-tool domain classicupgrade --dbdir=/var/lib/samba.OLD/dbdir/ --use-xattrs=yes --realm=pubblistil.priv --dns-backend=BIND9_DLZ /var/lib/samba.OLD/dbdir/smb.OLD.conf
+  samba-tool \
+    domain \
+    classicupgrade \
+    --dbdir=/var/lib/samba.OLD/dbdir/ \
+    --use-xattrs=yes \
+    --realm=pubblistil.priv \
+    --dns-backend=BIND9_DLZ \
+    /var/lib/samba.OLD/dbdir/smb.OLD.conf
+* Se fallisce con un errore riguardo l'account administrator, e sul vecchio server, non si riesce a cambiare la password di Administrator, significa che l'account è corrotto, ed occorre eliminarlo:
+  sudo tdbtool /var/lib/samba.OLD/dbdir/passdb.tdb
+ keys
+ ...
+  USER_administrator
+  ...
+ delete USER_Administrator\0
-</pre>
+* Ripetere l'upgrade
 =Riferimenti=
@@ Line 140: / Line 94: @@
 *[http://edoceo.com/notabene/samba-rename-user Samba: Renaming a User]
 *[https://wiki.samba.org/index.php/Setting_up_Samba_as_an_Active_Directory_Domain_Controller#Testing_your_Samba_AD_DC Setting up Samba as an Active Directory Domain Controller - SambaWiki]
+*[https://ubuntuforums.org/archive/index.php/t-2156341.html [SOLVED] Samba pdbedit error [Archive] - Ubuntu Forums]
+*[https://bugzilla.samba.org/show_bug.cgi?id=2344 Bug 2344 – tdbtool delete command fails]

Upgrade da Samba3 tdbsam a Samba4 AD: Difference between revisions

Latest revision as of 16:11, 18 October 2017

Preparazione files sul vecchio server

Upgrade sulla nuova macchina

Riferimenti

Navigation menu

Upgrade da Samba3 tdbsam a Samba4 AD: Difference between revisions

Latest revision as of 16:11, 18 October 2017

Preparazione files sul vecchio server

Upgrade sulla nuova macchina

Riferimenti

Navigation menu

Search