Upgrade da Samba3 tdbsam a Samba4 AD
- L'upgrade è possibile in place o su un'altra macchina
Preparazione files sul vecchio server
- Verificare che non ci siano SID doppi e che i grupi siano mappati correttamente
pdbedit -Lv | grep 'User SID' | sort -n
net groupmap list
- Fermare tutti i servizi
systemctl stop nmbd.service systemctl stop smbd.service systemctl stop winbind.service <pre> * Copiare i files che servono per l'upgrade: <pre> mkdir /var/lib/samba.OLD/dbdir/ cp -p /etc/passwd /var/lib/samba.OLD/dbdir/ cp -p /etc/group /var/lib/samba.OLD/dbdir/ cp /etc/samba/smb.conf /var/lib/samba.OLD/dbdir/smb.OLD.conf cp -p /var/lib/samba.OLD/private/secrets.tdb /var/lib/samba.OLD/dbdir/ cp -p /var/lib/samba.OLD/private/schannel_store.tdb /var/lib/samba.OLD/dbdir/ cp -p /var/lib/samba.OLD/private/passdb.tdb /var/lib/samba.OLD/dbdir/ cp -p /var/lib/samba.OLD/var/lock/gencache_notrans.tdb /var/lib/samba.OLD/dbdir/ cp -p /var/lib/samba.OLD/var/locks/group_mapping.tdb /var/lib/samba.OLD/dbdir/ cp -p /var/lib/samba.OLD/var/locks/account_policy.tdb /var/lib/samba.OLD/dbdir/
- Fare un tar e trasferirlo sulla nuova macchina:
tar cvzf /tmp/dbdir.tar.gz /var/lib/samba.OLD/dbdir/ scp /tmp/dbdir.tar.gz pubsrv01.pubblistil.priv:/tmp
Upgrade sulla nuova macchina
- Installare samba e verificare la versione
apt-get install samba samba --version
- Fermare tutti i servizi:
systemctl stop nmbd.service systemctl stop smbd.service pstree -p
- Scompattare i files originali e controllare che siano presenti:
cd / tar -xvzf /tmp/dbdir.tar.gz ls /var/lib/samba.OLD/
- Copiare i files necessari
cp /etc/passwd /etc/passwd.bak cp /etc/group /etc/group.bak cp /var/lib/samba.OLD/passwd /etc/passwd cp /var/lib/samba.OLD/group /etc/group cp /var/lib/samba.OLD/smb.conf /etc/samba/smb.conf
- TODO: eliminare tutti i .tdb esistenti
- Lanciare upgrade:
samba-tool \ domain \ classicupgrade \ --dbdir=/var/lib/samba.OLD/dbdir/ \ --use-xattrs=yes \ --realm=pubblistil.priv \ --dns-backend=BIND9_DLZ \ /var/lib/samba.OLD/dbdir/smb.OLD.conf
- Se fallisce con un errore riguardo l'account administrator, e sul vecchio server, non si riesce a cambiare la password di Administrator, significa che l'account è corrotto, ed occorre eliminarlo:
sudo tdbtool /var/lib/samba.OLD/dbdir/passdb.tdb
keys ... USER_administrator ... delete USER_Administrator\0
- Ripetere l'upgrade
Riferimenti
- Migrating a Samba NT4 Domain to Samba AD (Classic Upgrade) - SambaWiki
- Samba/Samba 4 Migration - Gentoo Wiki
- Upgrading from Samba Server Version 3 | PACKT Books
- samba-users Re: [Samba ClassicUpgrade => EpicFail]
- Samba/Samba 4 Migration - Gentoo Wiki
- [Samba Change samba username with tdbsam backend]
- Samba: Renaming a User
- Setting up Samba as an Active Directory Domain Controller - SambaWiki
- [SOLVED Samba pdbedit error [Archive] - Ubuntu Forums]
- Bug 2344 – tdbtool delete command fails