SAMBA3+OpenLdap x SAMBA4 classicupgrade

zuberrzzo
(usa Debian)

Enviado em 07/04/2014 - 11:13h

Bom dia

Estou tentando realizar a migração do samba3 para o samba4 de 3500 usuários, 500 grupos e 1500 máquinas, porém estou encontrando apenas um problema neste estágio:

As máquinas estão sendo migradas como contas de usuários e não como máquinas mesmo. Desta forma as mesmas possuem a relação de confiança necessária com o novo SAMBA4.

Não identifiquei a falta de alguma informação importante no meu ldif.

Os bancos de dados dentro de /var/lib/samba/ foram copiados corretamente para a migração.

Segue os arquivos necessários para o entendimento do problema :

maquinas.ldif
—————————————————————————————
dn: ou=maquinas,dc=empresa,dc=com
objectClass: organizationalUnit
objectClass: top
ou: maquinas

dn: uid=maquina_teste$,ou=maquinas,dc=empresa,dc=com
cn: maquina_teste
uidNumber: 5358
gidNumber: 515
homeDirectory: /dev/null
objectClass: posixAccount
objectClass: account
objectClass: sambaSamAccount
objectClass: top
sambaSID: S-1-5-21-xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx-3048
sambaNTPassword: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
uid: maquina_teste$
—————————————————————————————

smb.conf
—————————————————————————————
name resolve order = lmhosts wins bcast host
netbios name = Empresa
ldap passwd sync = yes
local master = yes
workgroup = EMPRESA
ldap admin dn = cn=admin,dc=empresa,dc=com
security = user
short preserve case = yes
guest account = nobody
ldap user suffix = ou=usuarios
ldap group suffix = ou=grupos
ldap machine suffix = ou=maquinas
domain master = yes
encrypt passwords = true
passdb backend = ldapsam:ldap://xxx.xxx.xxx.xxx/
wins support = yes
ldap ssl = Off
server string = Servidor de Arquivos
password server = Server
ldap suffix = dc=empresa,dc=com
preferred master = yes
domain logons = yes
———————————————————————————

Comando para a migração:


# /usr/local/samba/bin/samba-tool domain classicupgrade –dbdir=root/backup/var_lib_samba/ –use-xattrs=yes dns-backend=SAMBA_INTERNAL –realm=EMPRESA.COM /home/zuberrzo/SAMBA/samba_etc/smb.conf

Os unicos erros encontrados durante a migração com o classicupgrade são os seguintes:

Ignoring group memberships of ‘maquina_teste$’ S-1-5-21-xxxxxxxxxxxxxxxxxxxxxxxxxxxx-3048: Unable to enumerate group memberships, (-1073741596,NT_STATUS_INTERNAL_DB_CORRUPTION)
Ignoring group memberships of ‘maquina_teste$’
Next rid = xxxx117
Exporting posix attributes

A Kerberos configuration suitable for Samba 4 has been generated at /usr/local/samba/private/krb5.conf
Setting up fake yp server settings
Once the above files are installed, your Samba4 server will be ready to use
Server Role: active directory domain controller
Hostname: Empresa
NetBIOS Domain: EMPRESA
DNS Domain: empresa.com
DOMAIN SID: S-1-5-21-xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Importing WINS database
Importing Account policy

***************************************************************************************************************
Could not set account policy, ((53, ‘objectclass: modify message must have elements/attributes!’))
Importing idmap database
Cannot open idmap database, Ignoring: [Errno 2] No such file or directory
***************************************************************************************************************

Adding groups
Importing groups
Commiting ‘add groups’ transaction to disk
Adding users
Importing users
User root has been kept in the directory, it should be removed in favour of the Administrator user
Commiting ‘add users’ transaction to disk
Adding users to groups
Commiting ‘add users to groups’ transaction to disk
Setting password for administrator
Administrator password has been set to password of user ‘root’

Os tutoriais seguido são:

http://www.mundotibrasil.com.br/tutorial-de-migracao-samba3-com-ou-sem-base-ldap-para-samba4/

https://wiki.samba.org/index.php/Samba4/samba-tool/domain/classicupgrade/HOWTO