[Samba] PDC and BDC with LDAP and Samba 2.2.4

Yannick Tousignant ytousignant at oka-info.com
Tue Jun 4 12:05:03 GMT 2002 

Hi, I tried to move the current PDC to another machine
that have the same LDAP database. It didn't work... There
is something about the machine account! How does samba
handle this? i could not logon to the moved PDC, so i
rejoined the domain (added my machine in TEMP workgroup,
reboot, rejoin de domain, reboot), and then it worked!

Is there any way i can bypass this?


Yannick




> -----Original Message-----
> From: Tarjei Huse [mailto:tarjei at nu.no]
> Sent: Tuesday, June 04, 2002 2:24 PM
> To: Yannick Tousignant
> Subject: RE: [Samba] PDC and BDC with LDAP and Samba 2.2.4
>
>
> Try samba-tng.
> TH
> Quoting Yannick Tousignant <ytousignant at oka-info.com>:
>
> >
> > That's exactly what i did, I replicated the ldap database
> > beetween the 2 servers, so it's like im replicating
> > linux users, and samba users. I copied the secrets.tdb
> > from de pdc to de bdc (seems to be the new MACHINE.SID).
> > But when i put "domain logons = yes" they all seems to
> > authentificate oon the BDC, users that have allready logon
> > once before the bdc was up still work, but logon script aren't
> > executed, and users that never logged in don't work at all
> > (user/passwd don't work at logon). It's pretty weird to me,
> > maybe samba 2.2.4 is not suitable to have 2 servers that
> > users can authetificate.
> >
> > Hope i can find a solution...
> >
> >
> > Yannick
> >
> >
> > > -----Original Message-----
> > > From: samba-admin at lists.samba.org
> [mailto:samba-admin at lists.samba.org]On
> > > Behalf Of Tarjei Huse
> > > Sent: Tuesday, June 04, 2002 11:02 AM
> > > To: Klaus Zahradnik
> > > Cc: samba at lists.samba.org
> > > Subject: RE: [Samba] PDC and BDC with LDAP and Samba 2.2.4
> > >
> > >
> > >
> > >
> > > Did you see the other BDC howto? Combine this with a replicated
> > > openldap server
> > > and I think you're done, although I've never had the need :)
> > >
> > > Tarjei
> > >
> > > >
> > > > PLEASE!?! :o)
> > > >
> > > > Klaus
> > > >
> > > > On 4 Jun 2002 at 7:55, Cates, Brett wrote:
> > > >
> > > > > Can samba act as a BDC?  I thought I read somewhere that it
> > > can only be a
> > > > > PDC or a member server.  I could be wrong though...
> > > > >
> > > > > Brett
> > > > > -----Original Message-----
> > > > > From: Yannick Tousignant [mailto:ytousignant at oka-info.com]
> > > > > Sent: Tuesday, June 04, 2002 7:47 AM
> > > > > To: samba at samba.org
> > > > > Subject: [Samba] PDC and BDC with LDAP and Samba 2.2.4
> > > > >
> > > > >
> > > > >
> > > > > Hi,
> > > > >
> > > > > I'm trying to build a PDC and BDC to elimenate Windows NT on a
> > > > > network and have load balancing and fault tolerence for users.
> > > > >
> > > > > I've compiled samba 2.2.4 on two servers, working with openldap
> > 2.0.23
> > > > > with a master and a slave. Replication on LDAP servers works fine.
> > > > > I've set up a domain controller and wanted to set the other server
> > > > > as BDC in case the PDC goes down. Each time i put the
> > > > > "domain logons = yes" option, some people can't log in, computers
> > > > > seems to seek for a domain controler. Also, logon script aren't
> > > > > executed upon login... When i disconnect network cable on the
> > > > > PDC, users can log into the BDC fine but login script arenèt
> > executed.
> > > > > When i plug back the pdc, some users can't no longer login (bad
> > user).
> > > > > When i disconnect the BDC, everything work fine.
> > > > >
> > > > > For now i disabled the "domain logons = yes" on the BDC,
> so there is
> > > > > no load balancing and fault tolerence for users. =(
> > > > >
> > > > >
> > > > >
> > > > > Here is my smb.conf on both servers :
> > > > >
> > > > >
> > > > > PDC :
> > > > >
> > > > > ====================================
> > > > >
> > > > > [global]
> > > > >
> > > > >     netbios name = PDC
> > > > >     workgroup = OKA
> > > > >     os level = 64
> > > > >     preferred master = yes
> > > > >     domain master = yes
> > > > >     local master = yes
> > > > >     security = user
> > > > >     encrypt passwords = yes
> > > > >     domain logons = yes
> > > > >     time server = yes
> > > > >     ldap suffix = dc=OKA
> > > > >     ldap admin dn = cn=ADMIN,dc=OKA
> > > > >     ldap ssl = off
> > > > >     ldap server = 127.0.0.1
> > > > >     ldap port = 389
> > > > >     logon path =
> > > > >     logon home =
> > > > >     logon script = users.bat
> > > > >     domain admin group = root
> > > > >
> > > > >
> > > > > [netlogon]
> > > > >
> > > > >     path = /home/netlogon
> > > > >     read only = yes
> > > > >     write list = root
> > > > >
> > > > > ========================================
> > > > >
> > > > > BDC :
> > > > >
> > > > > ========================================
> > > > >
> > > > > [global]
> > > > >
> > > > >     netbios name = BDC
> > > > >     workgroup = OKA
> > > > >     security = user
> > > > >     encrypt passwords = yes
> > > > >     domain logons = yes
> > > > >     os level = 63
> > > > >     local master = yes
> > > > >     domain master = no
> > > > >     time server = yes
> > > > >     ldap suffix = dc=OKA
> > > > >     ldap admin dn = cn=ADMIN,dc=OKA
> > > > >     ldap ssl = off
> > > > >     ldap server = 127.0.0.1
> > > > >     ldap port = 389
> > > > >     logon path =
> > > > >     logon home =
> > > > >     logon script = users.bat
> > > > >     domain admin group = root
> > > > >
> > > > > [netlogon]
> > > > >
> > > > >     path = /home/netlogon
> > > > >     read only = yes
> > > > >     write list = root
> > > > >
> > > > >
> > > > > =======================================
> > > > >
> > > > > Hope i can do something about it... thanks!
> > > > >
> > > > >
> > > > > Yannick Tousignant
> > > > > ===============
> > > > > Gestion Informatique OKA ltée.
> > > > > Téléphone : (514) 282-9334 (#238)
> > > > >
> > > > >
> > > > > --
> > > > > To unsubscribe from this list go to the following URL and read the
> > > > > instructions:  http://lists.samba.org/mailman/listinfo/samba
> > > > >
> > > > >
> > > > > --
> > > > > To unsubscribe from this list go to the following URL and read the
> > > > > instructions:  http://lists.samba.org/mailman/listinfo/samba
> > > > >
> > > > > --
> > > > > To unsubscribe from this list go to the following URL and read the
> > > > > instructions:  http://lists.samba.org/mailman/listinfo/samba
> > > > >
> > > >
> > > >
> > > > Klaus Zahradnik
> > > > GO-PUBLIC.COM
> > > >
> > > > ----------------------------------------------------------------
> > > > GO-PUBLIC.COM Internet Relations GmbH
> > > >
> > > > A-2500 Baden, Weilburgstrasse 4
> > > > http://GO-PUBLIC.com/       office at go-public.com
> > > > Phone: +43(0)2252-490 10-0  Fax: +43(0)2252-490 15
> > > > ----------------------------------------------------------------
> > > >
> > > >
> > > >
> > > >
> > > > --
> > > > To unsubscribe from this list go to the following URL and read the
> > > > instructions:  http://lists.samba.org/mailman/listinfo/samba
> > > >
> > >
> > >
> > > Mob: 920 63 413
> > >
> > >
> > > -------------------------------------------------
> > > This mail sent through IMP: http://horde.org/imp/
> > >
> > >
> > > --
> > > To unsubscribe from this list go to the following URL and read the
> > > instructions:  http://lists.samba.org/mailman/listinfo/samba
> > >
> >
> >
>
>
> Mob: 920 63 413
>
>
> -------------------------------------------------
> This mail sent through IMP: http://horde.org/imp/
>

More information about the samba mailing list