Find the answer to your Linux question:
Results 1 to 3 of 3
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1

    Question Don't have rights after copying serv to other serv

    Hello everyone, I need some help with the transfer of our old Linux server (Red Hat 9)to a new one(with much better hardware and Fedora Core 7). We’ve encountered a problem with some rights the users have lost.

    We have around 30 employees working on windows 2000. Every employee connects with Windows to his profile through the linux server via Samba. The linux server is also the domain controller. On the Linux server we have all the data of every employee as well as the data on their desktops. When they connect to the server they download their desktop and their personal files in My Documents. What we want to do is transfer all the data, the user accounts, the samba configuration, etc.. So that we have the same server as before but on a new machine with better hardware and FC7. We need to transfer the data over night; we cannot allow downtime during any day of the week.

    What we did :
    1 – Copy the files: hosts, host.conf, resolv.conf, named.conf, network, passwd, shadow, group, gshadow, hostname, dhcpd.conf and the entire directory /etc/samba from the old server to the new one.

    2 – Copy all the files from the old to the new server with :
    scp –pr root@ /home (This is where « My Documents » of every users is stored)

    3 – scp –pr root@ /association/samba_profiles (for the desktops of every user)

    4 – Create a shell script to change the owner and group of all the files we tranfered to make it so that the personal directorys and files are owned by the right users and groups(Every users should be the owner of their own directory in both the partitions).
    Exemple: chown –R john1 :john1 /home/john1(same thing for /association/samba_profiles/john1)

    The files have been copied correctly, and the directorys and files now have the fiting rights and ownerships. So now we have the exact same image on the new server as we had on the old one, exept for the OS, but we made some changes so that the config files from the RD9 would work on the FC7(anyway the problem doesn’t come from the incompatibility of the config files between 2 different OS because we tried from RD9 to RD9 and we still have the same problem).

    The problem we get is that all the users have lost their administrative rights on their own profiles, so now they cannot change the keyboard config, nor can they change the desktop image, but more importantly they cannot open their outlook accounts because they don’t have the rights. So it seems they don’t have the rights on their own directorys even though when we type “ll” we see the users as owners, and the rights are 755 for everyone. Keep in mind we cannot put them in the admin group for the domain, it would’nt be right.

    The “tail –f /var/log/messages” on the server shows “couldn’t find service logon” when we try to connect to it with a distant Windows user. It was working fine with this smb.conf file before.

    Someone suggested to tarball the data instead of using SCP(which changes the ownerships of all the files to root(because we use root to transfer)), tarball would keep the owners and rights on the files(with the option -p), so we would’nt have to switch them back but why would changing back the owners after transfering create a problem(since everything is back to normal afterwards), and we barely have enough space on the disk to save a .doc even less store a “.tar” from 22 Go of data(part of the reason we want to switch servers)

    Can someone please help us. Any idea on a solution would be apreciated.

    Thank you very much

    Here is our /etc/samba/smb.conf :

    log file = /var/log/samba/smb.log
    smb passwd file = /etc/samba/smbpasswd
    load printers = no
    passwd chat = *New*password* %n\n *Retype*new*password* %n\n *passwd:*all*authentication*tokens*updated*success fully*
    obey pam restrictions = yes
    socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
    domain master = yes
    encrypt passwords = yes
    passwd program = /usr/bin/passwd %u
    logon home = \\serv-doc\%U
    logon drive = p:
    wins support = yes
    dns proxy = no
    server string = B01-02 - Serveur de documment ASSOCIATION
    unix password sync = Yes
    local master = yes
    workgroup = association
    logon path = \\serv-doc\Profiles\%U
    security = user
    preferred master = yes
    max log size = 0
    pam password change = yes
    domain logons = yes

    browseable = no
    comment = Dossier personnel de %u
    valid users = %S
    writable = yes
    create mode = 0664
    hide files = /outlook/~$*/*.tmp/
    directory mode = 0775

    path = /association/samba_profiles
    browseable = no
    writable = yes
    guest ok = yes

    comment = NON SAUVGARDE - Dossier de transfert temporaire vide le 1er chaque mois
    path = /association/transfers
    force group = employees
    valid users = +employees
    create mask = 0775
    directory mask = 775
    public = no
    writable = yes
    printable = no
    hide files=/~$*/*.tmp/

    printable = no
    write list = @admin
    path = /backup
    hide files = /~$*/*.tmp/
    force group = +admin
    create mask = 0770
    comment = Dossier de sauvegarde
    directory mask = 775

    [documents communs]
    writable = no
    printable = no
    path = /association/documents_communs
    write list = +direction +admin
    force group = +direction
    hide files = /~$*/*.tmp/
    create mask = 0775
    directory mask = 775
    comment = Dossier des documents communs aux employees de association
    valid users = +employees
    mangled map = docs com
    public = no

    comment = Dossier de la comptabilite
    path = /association/departements/compta/
    force group = compta
    valid users = +compta +controle
    read list = +controle
    write list = +compta beo
    create mask = 0775
    directory mask = 775
    public = no
    writable = yes
    printable = no
    hide files=/~$*/*.tmp/

    comment = Dossier du controle
    path = /association/departements/controle
    force group = controle
    valid users = +controle
    create mask = 0775
    directory mask = 775
    public = no
    writable = yes
    printable = no
    hide files=/~$*/*.tmp/

    comment = Dossier de la direction
    path = /association/departements/direction
    force group = direction
    valid users = +direction
    ; read list = +controle
    create mask = 0775
    directory mask = 775
    public = no
    writable = yes
    printable = no
    hide files=/Outlook/~$*/*.tmp/

  2. #2
    Join Date
    May 2004
    arch linux
    Welcome to the forums, johnatt!

    I think this HowTo should help you to accomplish your task.

    Let us know how it goes.

  3. #3
    Thank you very much ozar. I think it will help a lot. We can't execute the tarball part because we don't have enough space on the disk, so we'll stay with the SCP copying and migrate the users that way.

    I'll keep you updated on how it goes.

    Again, thank you very much.

  4. $spacer_open

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts