moving XP-Clients vom one zentyal-PDC to another zentyal-PDC

[Lueghi]

I have a really problem:

I have an "old" server with Zentyal which acts as a PDC for my XP-Clients (in my small local family network). Now I have to move all the users to the new zentyal-PDC (same software version) with the identically domainname. I checked the move with my laptop and my account and it worked with my existing account (the desktop and all my user settings still remains the same). But when I try to move the other users a new account is created on the PC like username.domainname.000 and all the user settings are lost .

Is there anyone who knows a better way than installing and configuration everthing again for every user? Using a backup of the old server on the new one is not a good idea because there is some misconfiguration on the old server. And I don't want to have the problems on the new one ....

[jsalamero]

Maybe because you need to rejoin the domain and gets a different SSID? I would try to restore the backup, or at least some modules like users and samba.

[robb]

The best advice I can give is pointing to samba domain documentation , However, this is one of the SO MANY 'common situations' that need very clear and valid documentation for Zentyal servers.

Replacing a Domain Controller

In the past, people who replaced a Windows NT4 domain controller typically installed a new server, created printers and file shares on it, then migrate across all data that was destined to reside on it. The same can of course be done with Samba.

From recent mailing list postings it would seem that some administrators have the intent to just replace the old Samba server with a new one with the same name as the old one. In this case, simply follow the same process as for upgrading a Samba 2.x system and do the following:

    Where UNIX (POSIX) user and group accounts are stored in the system /etc/passwd, /etc/shadow, and /etc/group files, be sure to add the same accounts with identical UID and GID values for each user.

    Where LDAP is used, if the new system is intended to be the LDAP server, migrate it across by configuring the LDAP server (/etc/openldap/slapd.conf). The directory can be populated either initially by setting this LDAP server up as a slave or by dumping the data from the old LDAP server using the slapcat command and then reloading the same data into the new LDAP server using the slapadd command. Do not forget to install and configure the nss_ldap tool and the /etc/nsswitch.conf (as shown in “Making Happy Users”).

    Copy the smb.conf file from the old server to the new server into the correct location as indicated previously in this chapter.

    Copy the secrets.tdb file, the smbpasswd file (if it is used), the /etc/samba/passdb.tdb file (only used by the tdbsam backend), and all the tdb control files from the old system to the correct location on the new system.

    Before starting the Samba daemons, verify that the hostname of the new server is identical to that of the old one. Note: The IP address can be different from that of the old server.

    Copy all files from the old server to the new server, taking precaution to preserve all file ownership and permissions as well as any POSIX ACLs that may have been created on the old server.

When replacing a Samba domain controller (PDC or BDC) that uses LDAP, the new server need simply be configured to use the LDAP directory, and for the rest it should just work. The domain SID is obtained from the LDAP directory as part of the first connect to the LDAP directory server.

All Samba servers, other than one that uses LDAP, depend on the tdb files, and particularly on the secrets.tdb file. So long as the tdb files are all in place, the smb.conf file is preserved, and either the hostname is identical or the netbios name is set to the original server name, Samba should correctly pick up the original SID and preserve all other settings. It is sound advice to validate this before turning the system over to users.

and (from an old samba-list message)

On 10/7/07, dahopkins at comcast.net <dahopkins at comcast.net> wrote:
> I need to move our existing Samba/LDAP PDC to another server.  Currently it is on server1 and I want server2 to be the Samba/LDAP PDC instead. However, I am uncertain of what files need to be copied over to ensure that I don't have to rejoin machines to the domain.

All this info (about machine accounts) is stored only in the LDAP database.

If you are using ldap the only files that needs copyied/modifyied is smb.conf,  /etc/nsswitch.conf, and your IDEALX config. Other than that you will have to enter the LDAP password in the new server using smbpasswd -w (i believe).

You did not mention if you were moving just the samba stuff or the LDAP server as well as there is no requirement that the LDAP server is
on the same machine as the PDC. However, I assume you want to do that as well. For that copy the /etc/openldap/schema folder and do a
slapcat (to a file) to dump the current ldap database. Then on the new machine use slapadd with the file you dumped from slapcat.

John

Also read: http://samba.2283325.n4.nabble.com/Samba-migration-to-a-new-server-td3213835.html

[Lueghi]

Thanks for your comments. It seems to be not so easy for me because I'm a hobby administrator with only half knowledge.

I don't know yet what I will do ...

Thanks.