[Samba] Keeping Windows ACL's when migrating to SAMBA Server
George
current Windows 2003 file server. I can manually copy the files over but
need to keep all the Windows UID's and GID's but am having trouble
copying the files over. Does anyone have any idea what im doing wrong or
have any ideas for me to do this?
I have pasted the contents of my smb.conf below my name.
George
..............................................................................................
smb.conf
[global]
workgroup = DOMAIN
realm = DOMAIN.LOCAL
netbios name = bed-fs1
# server string = %h server (Samba %v, Ubuntu)
security = ADS
syslog = 0
log file = /var/log/samba/log.%m
max log size = 1000
domain master = No
dns proxy = No
usershare allow guests = Yes
panic action = /usr/share/samba/panic-action %d
idmap uid = 1000-29999
idmap gid = 1000-29999
template shell = /bin/bash
winbind separator = +
winbind enum users = Yes
winbind enum groups = Yes
winbind use default domain = Yes
#[homes]
#comment = Home Directories
#browseable = yes
#valid users = %S
#writable = yes
[servers]
path = /servers
valid users = @"DOMAIN+Domain Admins" , @"DOMAIN+Domain Users" ,
@"DOMAIN+Domain Team"
admin users = @"DOMAIN+Domain Admins" , root , administrator
write list = @"DOMAIN+Domain Team" , @"DOMAIN+Domain Admins" ,
@"DOMAIN+Domain Users" , root , administrator
directory mask = 0700
create mode = 0700
force create mode = 0700
force directory mode = 0700
read only = no
writeable = yes
available = yes
browseable = yes
public = yes
writable = yes
guest ok = yes
acl compatibility = auto
acl check permissions = Yes
acl group control = No
acl map full control = Yes
#acl map full control = no
force unknown acl user = No
dos filemode = no
inherit permissions = yes
store dos attributes = yes
map archive = No
map hidden = No
map system = No
map readonly = No
nt acl support = Yes
map acl inherit = yes
profile acls = No
inherit owner = No
inherit acls = yes
acl group control = yes
vfs objects = acl_xattr
[man_fs2_e]
path = /servers/man_fs2/e
valid users = @"DOMAIN+Domain Admins" , @"DOMAIN+Domain Users" ,
@"DOMAIN+Domain Team"
admin users = @"DOMAIN+Domain Admins" , root , administrator
write list = @"DOMAIN+Domain Team" , @"DOMAIN+Domain Admins" ,
@"DOMAIN+Domain Users" , root , administrator
directory mask = 0700
create mode = 0700
force create mode = 0700
force directory mode = 0700
read only = no
writeable = yes
available = yes
browseable = yes
public = yes
writable = yes
guest ok = yes
acl compatibility = auto
acl check permissions = Yes
acl group control = No
acl map full control = Yes
#acl map full control = no
force unknown acl user = No
dos filemode = no
inherit permissions = yes
store dos attributes = yes
map archive = No
map hidden = No
map system = No
map readonly = No
nt acl support = Yes
map acl inherit = yes
profile acls = No
inherit owner = No
inherit acls = yes
acl group control = yes
vfs objects = acl_xattr
TAKAHASHI Motonobu
> We setup a Ubuntu SAMBA 3.5 server and would like it to replace our current
> Windows 2003 file server. I can manually copy the files over but need to
> keep all the Windows UID's and GID's but am having trouble copying the files
> over. Does anyone have any idea what im doing wrong or have any ideas for me
> to do this?
>
> I have pasted the contents of my smb.conf below my name.
>
> George
Does Windows Server 2003 and Ubuntu belongs to same domain?
If you migrate Windows domain to Samba domain, how did you migrate SID
of domain?
How did you migrate, using scopy or xcopy /o?
What is your trouble?
subinacl might be helpfull of you.
http://support.microsoft.com/kb/301940/en-us
http://www.microsoft.com/downloads/en/details.aspx?FamilyID=e8ba3e56-d8fe-4a91-93cf-ed6985e3927b&displaylang=en
---
TAKAHASHI Motonobu <mo...@monyo.com>
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
John Drescher
I would verify that idmap and ACLs are working before moving files and
also get rid of the user list lines. Use ACLs instead.
John
Chris Weiss
> We setup a Ubuntu SAMBA 3.5 server and would like it to replace our current
> Windows 2003 file server. I can manually copy the files over but need to
> keep all the Windows UID's and GID's but am having trouble copying the files
> over. Does anyone have any idea what im doing wrong or have any ideas for me
> to do this?
what are you using to copy? a normal file copy wont' keep permissions
even windows to windows, but robocoy will, and I think xcopy can
Jeremy Allison
> On Sat, Dec 11, 2010 at 1:01 PM, George <green...@gmail.com> wrote:
> > We setup a Ubuntu SAMBA 3.5 server and would like it to replace our current
> > Windows 2003 file server. I can manually copy the files over but need to
> > keep all the Windows UID's and GID's but am having trouble copying the files
> > over. Does anyone have any idea what im doing wrong or have any ideas for me
> > to do this?
>
> what are you using to copy? a normal file copy wont' keep permissions
> even windows to windows, but robocoy will, and I think xcopy can
I just helped an OEM do a (successful) file migration complete
with ACLs from Windows to Samba using robocopy, so I'd suggest
that as the tool of choice.
Remember to do the migration as a (temporary) root account,
as robocopy may need to write ACLs that the migrating user
cannot access.
Will get fixed properly when I finish implementing SE_RESTORE
and SE_BACKUP privileges but until then the root account works
just as well.
Jeremy.
George
I use robocopy, It copies the files and ACL but not the correct create
of modify dates
robocopy \\man_fs2\Batteries \\bed-fs1\servers\man_fs2\Batteries /sec /e
If I use xxcopy I can copy all the files with the proper create and
modify dates but it wont copy the ACL's.
xxcopy \\man_fs2\Batteries \\bed-fs1\servers\man_fs2\Batteries /backup
George
TAKAHASHI Motonobu
> Rightnow i got it half working but am having trouble with part of it. If I
> use robocopy, It copies the files and ACL but not the correct create of
> modify dates
>
> robocopy \\man_fs2\Batteries \\bed-fs1\servers\man_fs2\Batteries /sec /e
>
> If I use xxcopy I can copy all the files with the proper create and modify
> dates but it wont copy the ACL's.
>
> xxcopy \\man_fs2\Batteries \\bed-fs1\servers\man_fs2\Batteries /backup
>
> George
How about "net share migrate" command?
I once tried to examine this command like:
$ net -S oldsrv rpc share migrate all --destination newsrv --acls temp2
migrating: [TEMP2], path: C:\TEMP2, comment: comments, without share-ACLs
syncing [TEMP2] files and directories including ACLs, without DOS Attributes
migrating: [TEMP2], path: C:\TEMP2, comment: comments, including share-ACLs
Note that you must set "add share command" parameter in the target server.
And "force unknown acl user = yes" may be helpfull.
---
TAKAHASHI Motonobu <mo...@samba.gr.jp>
Green International
On Dec 20, 2010 6:31 PM, "Andrew Masterson" <
Andrew.M...@nuvistaenergy.com> wrote:
>
>
>
> -----Original Message-----
> From: samba-...@lists.samba.org
> [mailto:samba-...@lists.samba.org] On Behalf Of TAKAHASHI Motonobu
> Sent: Saturday, December 18, 2010 10:20 PM
> To: George
> Cc: sa...@lists.samba.org; Jeremy Allison
> Subject: Re: [Samba] Keeping Windows ACL's when migrating to SAMBA
> Server
>
> 2010/12/19 George <green...@gmail.com>:
>> Rightnow i got it half working but am having trouble with part of it.
> If I
>> use robocopy, It copies the files and ACL but not the correct create
> of
>> modify dates
>>
>> robocopy \\man_fs2\Batteries \\bed-fs1\servers\man_fs2\Batteries /sec
> /e
>>
>> If I use xxcopy I can copy all the files with the proper create and
> modify
>> dates but it wont copy the ACL's.
>>
>> xxcopy \\man_fs2\Batteries \\bed-fs1\servers\man_fs2\Batteries /backup
>>
>> George
>
>
> Are you using the /COPYALL switch?
>
> http://www.stevelu.com/TechnicalArticles/DevTools/1206.aspx (for gory
> flag details)
>
> I have successfully migrated several servers with terabytes of data from
> windows to linux by using robocopy (although I don't remember the exact
> flags at the moment). xcopy is unreliable for that much data IMX.
>
> -=Andrew
TAKAHASHI Motonobu
> I've tried it with the /copyall switch and /copy:datsou and still no luck
> Rightnow i got it half working but am having trouble with part of it. If I
> use robocopy, It copies the files and ACL but not the correct create of
> modify dates
> robocopy \\man_fs2\Batteries \\bed-fs1\servers\man_fs2\Batteries /sec /e
> If I use xxcopy I can copy all the files with the proper create and modify
> dates but it wont copy the ACL's.
>
> xxcopy \\man_fs2\Batteries \\bed-fs1\servers\man_fs2\Batteries /backup
As far as I examine, these commands save modified date of files:
(simple) copy, xcopy /e, robocopy /copy:dat /e, xxcopy /backup.
I tried to copy files from Windows XP SP3 to Samba 3.5.6 from source on Lenny.
My smb.conf:
-----
[share1]
path = /some/where/
writeable = yes
-----
I also examined your smb.conf setting and got same results.
As you know, traditional UNIX file system (including Linux) does not have
the semantics of "create time" , does only have accessed, modified and
change time.
On the other hand, UFS for FreeBSD has a field of birthtime, which
means "create time".
I tried to copy files from Windows XP SP3 to Samba 3.4.8 from Packages
on FreeBSD 8.1.
As far as I examine, these commands save modified date of files:
(simple) copy, xcopy /e, xxcopy /backup.
robocopy always sets nearly "1980/1/1" as the birthtime.
Also I can migrate ACLS with xcopy /o /e (only global groups and users) and
robocopy /copy:datso /e (users, global / local / builtin groups).
---
TAKAHASHI Motonobu <mo...@monyo.com>