Migrating Samba Users

YuriiV · Oct 4, 2022

Hello, data replication is currently configured from the main server to the backup. Transferred Unix users from the main server by editing the backup DB file (I imported three tables account_bsdgroupmembership, account_bsdgroups, account_bsdusers). But with Samba problems, tried after transferring Unix users, deleted the file /var/db/system/samba4/private/passdb.tdb and then re-syncing the users: `midclt call smb.synchronize_passdb -job`. But problems with authorization and access to network drives were not resolved. Is there any way to correctly migrate samba users?

anodos · Oct 4, 2022

YuriiV said:
Hello, data replication is currently configured from the main server to the backup. Transferred Unix users from the main server by editing the backup DB file (I imported three tables account_bsdgroupmembership, account_bsdgroups, account_bsdusers). But with Samba problems, tried after transferring Unix users, deleted the file /var/db/system/samba4/private/passdb.tdb and then re-syncing the users: `midclt call smb.synchronize_passdb -job`. But problems with authorization and access to network drives were not resolved. Is there any way to correctly migrate samba users?

The NT hashes in the account_bsdusers table are encrypted with a key stored on the main server. This means you need to decrypt the entry with key from other server re-encrypt with new key, then write the entry (if you're planning to do manual DB editing from shell). In general such things aren't advisable.

Perhaps look into using the websocket API to read the values from the main server, and then duplicate the users / groups on the remote one.

YuriiV · Oct 4, 2022

Thanks, I'll try both

YuriiV · Oct 14, 2022

Thanks again, saved a lot of time, used this script

middleware/src/middlewared/middlewared/plugins/pwenc.py at bf3558af15a3496800ad944ed2d9328529a97c32 · truenas/middleware

TrueNAS CORE/Enterprise/SCALE Middleware Git Repository - truenas/middleware

github.com

modified it a little and then manually wrote the new data to the backup

anodos · Oct 14, 2022

YuriiV said:
Thanks again, saved a lot of time, used this script

middleware/src/middlewared/middlewared/plugins/pwenc.py at bf3558af15a3496800ad944ed2d9328529a97c32 · truenas/middleware

TrueNAS CORE/Enterprise/SCALE Middleware Git Repository - truenas/middleware

github.com

modified it a little and then manually wrote the new data to the backup

In principle, you can just run midclt call pwenc.encrypt <data> to encrypt arbitrary strings using the secret seed.

YuriiV · Oct 14, 2022

Ok I'll use it next time

Important Announcement for the TrueNAS Community.

Migrating Samba Users

YuriiV

Cadet

anodos

Sambassador

YuriiV

Cadet

YuriiV

Cadet

middleware/src/middlewared/middlewared/plugins/pwenc.py at bf3558af15a3496800ad944ed2d9328529a97c32 · truenas/middleware

anodos

Sambassador

middleware/src/middlewared/middlewared/plugins/pwenc.py at bf3558af15a3496800ad944ed2d9328529a97c32 · truenas/middleware

YuriiV

Cadet

Similar threads

Important Announcement for the TrueNAS Community.

Migrating Samba Users

Cadet

Sambassador

Cadet

Cadet

Sambassador

Cadet

Important Announcement for the TrueNAS Community.

Related topics on forums.truenas.com for thread: "Migrating Samba Users"

Similar threads