Topic: PDC migration 5.5 to 6.0

[Loek]

Hi,

I'm planning to upgrade an SME 5.5 that functions as PDC in a W2K network to SME 6.0 but I have the following question:
I prefer to do a clean install (which is also adviced in some forum posts) but for that I need to give the upgraded server the exact same id's (at least the SID), otherwise the user profiles won't migrate.

Following the samba HowTo for PDC migration, I extracted the MACHINE.SID from the 5.5 server using the rpcclient command, but I can't find the file MACHINE.SID on either of the SME machines. According to the Samba HowTo I need to set the extracted SID in this file on the new machine.

The only thing I found on the SME servers is a commanc called 'setsid', but I don't know if this is related, or what the syntax is.

Help is appreciated.

Loek

[ryan]

Read up before you upgrade.  I screwed myself upgrading 5.1.2 to 5.6 in a pure XP environment.  A different pure 2k environment with the same upgrade did not have any isssues.  

If you upgrade to 6.0, you will have to rejoin the clients to the domain.  Search this forum and look at the bugs section.  I set up a test environment with 1 2k box and 1 XP box.  I joined them to a 5.6 domain then upgraded to 6.0.  Both clients lost membership to the domain.

ryan

[Loek]

Ryan,

Thanks for your answer. I'm having a similar problem. I can join the W2K boxes to the domain of the new 6.0 server (that part works fine) but the problem is that all users loose their (roaming) user profiles. I have set up a test environment under VMWare so I can experiment freely, but no success yet.

I recreated all users, copied all data (incl. profiles), and also set the SID of the 6.0 server to the SID of the former SME5.5 (using smbpasswd).
Still the W2K machines refuse to accept the profiles of the new server, so I must be missing something. I've been browsing through various samba howto's, but haven't found the answer to this one yet.

Any ideas?

Loek

[ryan]

Loek,

When your systems loose contact with the PDC after the upgrade, have them join a workgroup, reboot, join the domain again, reboot, as local admin fix up the local groups again, then login in with a domain account.  

I am not sure if the profiles from the old domain will be applied or if a new one will be created, but it will get your systems back on the 6.0 domain.

I only tested this with 3 systems...sme, 2k, and XP.  There could be other issues or problems here so I would do this in a test environment to make sure it works for you.

ryan

[Loek]

Hi Ryan,

Thanks again. I succeed to make the machines join the 6.0 domain, but whatever I do, I the W2K machines always create new - empty - profiles for the domain users. The profiles contain so much settings (email accounts, printer settings, etc.) that I don't fancy having to fix all that for all users.

There must be a way to replace one samba server for another without any of the clients even noticing anything has changed.

The new server has the same server name, same IP, same SID, and contains all data including the user profiles in the right place. What more should be done?! (said I, already a little desperate)

Loek

[PeterG]

This would be sooooo handy to know how to do. I bet the knowledge is out there somewhere....

I am currently stuck in the same position, trying to upgrade (completly new hardware, ide -> SCSI) a 5.5 server to 6.0

I don't relish the thought of having to re-configure all the clients.

PeterG.

[Alex]

Hi! I have a same problem. Migration from PDC 5.6 to PDC 5.6 to new hardware. Config files are completely synchronized, but SMB clients are not identified by a new server. Only rejoin to domain each workstation... But this huge quantity of work. I have 60 workstations.

[PeterG]

From what I understand there are a number of issues regarding the move from 5.5/5.6 to 6.0 of SME that specifically effect XP and more general issues with windows clients as a whole.

With XP clients, Microsoft introduced a number of new registry settings regarding domain handshaking, these have already been documented in the forums and I believe there is a .reg? files included in the v6.0 distribution release to import straight into the xp clients using regedit. This resolves the problem of xp clients joining a domain but then not being able to logon to it.

The other is regarding complete moves of hardware rather than just upgrading components. I haven't yet looked but I am guessing that may be there was a functionality change with the samba release that was issued with 5.5/5.6 and 6.0 that is complicating matters.

I have the option of restoring a complete 5.5 system onto a new hardware platform from tape, but the new platform will be scsi rather than ide and I do not want to clutter the system with modules that it does not need.

There must be a definitive method and list of directories/files that are required to move one sever to another that will mean no impact on the client PC's. This is such a relatively common task that it must have been done before.

The search goes on...(probably on the samba website)


PeterG.

[Alex]

I have found a way! Closely read Samba how-to. Now instead of MACHINE.SID and WORKGROUP.SID it is used secrets.tdb. Migration is carried out through rsinc, search on the forum. And complitely new hardware - IDE to SCSI are OK!

[ryan]

Could you list a link or possibly some more details....when you did it want what you did....that would be helpful.

Thanks,

ryan

[PeterG]

A random thought....

If a 5.5 version of the server is running as a Primary Domain Controler (pdc) and we have a new bit of kit that we want to take over this server, would this work...

Install new server on network and configure it in the same workgroup, at this point is it running as a Backup Domain controler (BDC)?

I have just ried this and the new server is in the same domain as the old server and after a brief hunt around the samba list archives I have found this little jem and tried it.

[root@oulton e-smith]# smbpasswd -S
Successfully set domain SID to S-1-5-21-2672183053-1999075282-1853768680.
[root@oulton e-smith]#

This is performed on the new machine and queries the old machine for its SID. It appears to have been sucessfull.

I am guessing that the SID is something important (can you tell I am still learning) after this is it a case of copying over the various password and group files and presumably there are accounts for the client computers themselves somewhere?

PeterG.

[Alex]

http://forums.contribs.org/index.php?topic=18005.msg70553#msg70553

I have added only /etc/samba for secrets.tdb

[PeterG]

Found it...


http://tehvand.com/tehvand/index.cgi?opt=projex&project=rsyncmigrate



I just want to copy the users and the data though not an exact copy of the old server. New server is server new one will be server/gateway etc.


PeterG.

[Alex]

Yes you migrate user settings and data only.
And i am sorry - /etc/secrets.tdb , not /etc/samba/secrets.tdb

[PeterG]

So to just get the windows domain section transfered this could be a solution?

Configure new server as required, presumably to any version?

make sure its in the same workgroup and then...

1. smbpasswd -S on the new server

2. a rsync of these files -

 /etc/group
 /etc/gshadow
 /etc/passwd
 /etc/shadow
 /etc/smbpasswd


3. Shutdown old server
 
4. /sbin/e-smith/signal-event post-upgrade

5. /sbin/e-smith/signal-event reboot

6. When its back up tell it it's a domain controller


to simple?



PeterG.