Tuesday, September 30, 2003

Had a lot of problems getting the net rpc vampire command to work, though it turned out the machine had never really joined the domain, and the samba 3.0 documentation was a bit deficient.

Here's the official steps:

The Account Migration Process

  1. Create a BDC account in the old NT4 domain for the Samba server using NT Server Manager. a) Samba must not be running.
  2. net rpc join -S NT4PDC -w DOMNAME -U Administrator%passwd
  3. net rpc vampire -S NT4PDC -U administrator%passwd
  4. pdbedit -L a) Note — did the users migrate?



The missing step here is that samba does need to run, and you need to have an "add user script" in place for the machine to properly join the domian.


Here is what worked - I got this from a search on linux.samba on google groups - 

 

X-Original-Cc: samba@lists.samba.org

X-Original-Date: Tue, 2 Sep 2003 11:09:59 +0200

X-Original-Message-ID: 

X-Original-Sender: samba-bounces+linux.sambamail2news.bofh.it@lists.samba.org







Hi all,



Thank you for your help, and sorry for my late answer.

Everything works fine by now !



Yes, you have to become a BDC to vampire the accounts ! This is why I w

as

getting an "Access denied" error :

I thought my Samba was a BDC, but I forgot to add "domain logon = Yes

" in

my smb.conf, so Samba was a simple share server.



Here is the steps I followed to suck the accounts :



1 - smb.conf extract :



-----------------------------------------------------------------------

-----------------------------------------------------------------------

--------

; low OS level

os level = 40

domain logons = Yes

domain master = No

local master = No



; Undocumented : this is compulsory to allow Samba to create Unix accou

nts

on the Samba server

; Created in two groups : samba and machines

add machine script = /usr/sbin/useradd -g machines -c "Samba Machine"

 -d

/dev/null -s /bin/false '%u'

add user script = /usr/sbin/useradd -g samba -c "Samba User" -d /dev/

null

-s /bin/false '%u'

add group script = /usr/sbin/groupadd '%g'

add user to group script = /usr/sbin/usermod -G `/usr/bin/id -G '%u' 

|

/bin/sed 's/ /,/g'`,'%g' '%u'

-----------------------------------------------------------------------

-----------------------------------------------------------------------

--------



2 - Testparm should report : ROLE DOMAIN BDC

3 - Add an account for the Samba machine on the NT4 station (via server



manager)

4 - Start Samba

5 - Join the domain : net rpc join -S nt4 machine's netbios name  -w

 -U Administrator

(the samba machine should appear as a BDC on the NT4 server manager)

6 - Vampire : net rpc vampire -S nt4 machine's netbios name -U

Administrator%password

# posted by bendy : 2:55 PM

This page is powered by Blogger. Isn't yours?