LinuxQuestions.org


zola1 01-11-2008 09:20 AM

Don't have rights after copying serv to other serv
 
Hello everyone, I need some help with the transfer of our old Linux server (Red Hat 9) to a new one (with much better hardware and Fedora Core 7). We’ve encountered a problem with some rights the users have lost.

We have around 30 employees working on Windows 2000. Every employee connects with Windows to his profile through the Linux server via Samba. The Linux server is also the domain controller. On the Linux server we have all the data of every employee as well as the data on their desktops. When they connect to the server they download their desktop and their personal files in My Documents. What we want to do is transfer all the data, the user accounts, the Samba configuration, etc., so that we have the same server as before but on a new machine with better hardware and FC7. We need to transfer the data overnight; we cannot allow downtime during any day of the week.

What we did:
1 – Copy the files: hosts, host.conf, resolv.conf, named.conf, network, passwd, shadow, group, gshadow, hostname, dhcpd.conf and the entire directory /etc/samba from the old server to the new one.

2 – Copy all the files from the old to the new server with:
scp -pr root@192.168.0.1:/home /home (This is where « My Documents » of every user is stored)

3 – scp -pr root@192.168.0.1:/association/samba_profiles /association/samba_profiles (for the desktops of every user)

4 – Create a shell script to change the owner and group of all the files we transferred so that the personal directories and files are owned by the right users and groups (every user should be the owner of their own directory in both partitions).
Example: chown -R john1:john1 /home/john1 (same thing for /association/samba_profiles/john1)

The files have been copied correctly, and the directories and files now have the fitting rights and ownerships. So now we have the exact same image on the new server as we had on the old one, except for the OS, but we made some changes so that the config files from the RD9 would work on the FC7 (anyway, the problem doesn’t come from the incompatibility of the config files between 2 different OSes, because we tried from RD9 to RD9 and we still have the same problem).

PROBLEM
The problem we get is that all the users have lost their administrative rights on their own profiles, so now they cannot change the keyboard config, nor can they change the desktop image, but more importantly they cannot open their Outlook accounts because they don’t have the rights. So it seems they don’t have the rights on their own directories even though when we type “ll” we see the users as owners, and the rights are 755 for everyone. Keep in mind we cannot put them in the admin group for the domain; it wouldn’t be right.

The “tail -f /var/log/messages” on the server shows “couldn’t find service logon” when we try to connect to it with a distant Windows user. It was working fine with this smb.conf file before.

Someone suggested to tarball the data instead of using SCP (which changes the ownership of all the files to root, because we use root to transfer). Tarball would keep the owners and rights on the files (with the option -p), so we wouldn’t have to switch them back. But why would changing back the owners after transferring create a problem (since everything is back to normal afterwards)? And we barely have enough space on the disk to save a .doc, even less to store a “.tar” from 22 GB of data (part of the reason we want to switch servers).

Can someone please help us? Any idea on a solution would be appreciated.

Thank you very much

Here is our /etc/samba/smb.conf :

[global]
log file = /var/log/samba/smb.log
smb passwd file = /etc/samba/smbpasswd
load printers = no
passwd chat = *New*password* %n\n *Retype*new*password* %n\n *passwd:*all*authentication*tokens*updated*successfully*
obey pam restrictions = yes
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
domain master = yes
encrypt passwords = yes
passwd program = /usr/bin/passwd %u
logon home = \\serv-doc\%U
logon drive = p:
wins support = yes
dns proxy = no
server string = B01-02 - Serveur de documment ASSOCIATION
unix password sync = Yes
local master = yes
workgroup = association
logon path = \\serv-doc\Profiles\%U
security = user
preferred master = yes
max log size = 0
pam password change = yes
domain logons = yes

[homes]
browseable = no
comment = Dossier personnel de %u
valid users = %S
writable = yes
create mode = 0664
hide files = /outlook/~$*/*.tmp/
directory mode = 0775

[Profiles]
path = /association/samba_profiles
browseable = no
writable = yes
guest ok = yes

[transferts]
comment = NON SAUVGARDE - Dossier de transfert temporaire vide le 1er chaque mois
path = /association/transfers
force group = employees
valid users = +employees
create mask = 0775
directory mask = 775
public = no
writable = yes
printable = no
hide files=/~$*/*.tmp/

[sauvegardes]
printable = no
write list = @admin
path = /backup
hide files = /~$*/*.tmp/
force group = +admin
create mask = 0770
comment = Dossier de sauvegarde
directory mask = 775

[documents communs]
writable = no
printable = no
path = /association/documents_communs
write list = +direction +admin
force group = +direction
hide files = /~$*/*.tmp/
create mask = 0775
directory mask = 775
comment = Dossier des documents communs aux employees de association
valid users = +employees
mangled map = docs com
public = no

[compta]
comment = Dossier de la comptabilite
path = /association/departements/compta/
force group = compta
valid users = +compta +controle
read list = +controle
write list = +compta beo
create mask = 0775
directory mask = 775
public = no
writable = yes
printable = no
hide files=/~$*/*.tmp/

[controle]
comment = Dossier du controle
path = /association/departements/controle
force group = controle
valid users = +controle
create mask = 0775
directory mask = 775
public = no
writable = yes
printable = no
hide files=/~$*/*.tmp/

[direction]
comment = Dossier de la direction
path = /association/departements/direction
force group = direction
valid users = +direction
; read list = +controle
create mask = 0775
directory mask = 775
public = no
writable = yes
printable = no
hide files=/Outlook/~$*/*.tmp/
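
The tar suggestion mentioned in the post above can be streamed from one machine to the other, so no archive has to be stored on disk. The sketch below is an added example, not part of the original post: it shows the pipe plus a mode/owner manifest for comparing the two trees afterwards. The function names are hypothetical and GNU tar, find and stat are assumed.

```shell
#!/bin/sh
# Added example (not from the thread). Function names are hypothetical;
# GNU tar, find and stat are assumed.

# Print "mode uid gid path" for every entry under $1, relative paths,
# sorted by path. Numeric ids avoid depending on passwd/group lookups.
manifest() {
    ( cd "$1" && find . -exec stat -c '%a %u %g %n' {} + | LC_ALL=C sort -k4 )
}

# Copy tree $1 into $2 through a tar pipe; nothing is written to disk
# in between. Between two hosts the same pipe runs over ssh, as root on
# both ends so that ownership can be restored on extraction:
#   ssh root@192.168.0.1 'tar -C /home -cpf - .' \
#       | tar -C /home -xpf - --numeric-owner
copy_tree() {
    mkdir -p "$2" && tar -C "$1" -cpf - . | tar -C "$2" -xpf -
}

# Return 0 if both trees carry identical modes and owners; otherwise
# print the differing manifest lines and return diff's exit status.
compare_trees() {
    a=$(mktemp) && b=$(mktemp) || return 2
    manifest "$1" >"$a"
    manifest "$2" >"$b"
    rc=0
    diff "$a" "$b" || rc=$?
    rm -f "$a" "$b"
    return "$rc"
}

# Stand-alone use: ./script OLD_TREE NEW_TREE
if [ "$#" -eq 2 ]; then
    compare_trees "$1" "$2"
fi
```

Running `manifest` on the old server and on the new one and diffing the two outputs shows every file whose mode, owner or group differs after the copy and the recursive chown.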

mickza 01-11-2008 09:30 AM

Ummm.. What's the SELinux setting. If not disabled try that.

zola1 01-11-2008 12:13 PM

Quote:

Originally Posted by mickza (Post 3019034)
Ummm.. What's the SELinux setting. If not disabled try that.

I don't see what you're talking about. SELinux setting? You mean in the smb.conf?

Thanks

mickza 01-12-2008 01:04 AM

Nope - SELinux (Security Enhanced Linux) is enabled by default when you install FC7 unless you changed it. It is responsible for a lot of seeming failures.

Check /etc/selinux/config and if "enforcing" or "permissive" set it to "disabled" and test your server (I would suggest a reboot to ensure SELinux is disabled). If this fixes the problem, some reading on SELinux is in order.

zola1 01-12-2008 04:08 AM

Ok, checked it out and we've disabled everything security related including SELinux and the firewall.

But I found a nice Howto which could help me out a bit:

http://www.cyberciti.biz/faq/howto-m...to-new-server/

I'm going to try it out and keep the post updated.

Thanks mickza for the fast response

