[Samba] Samba LDAP PDC BDC quit working

mallapadi niranjan niranjan.ashok at gmail.com
Thu Feb 23 03:45:47 GMT 2006


Hi Philip

With the Samba PDC and OpenLDAP 2.2.13 I have had a lot of trouble. I compiled
Samba 3.0.21 when it was first released; I am not sure whether it is called
Samba 3.0.21a or something. OpenLDAP 2.2.13 (shipped with Red Hat Enterprise
Linux 4) also needs to be tweaked to have a good cachesize, checkpoints,
etc.

So I have decided to go with Samba 3.0.21b with OpenLDAP 2.3.19.
See to taking a backup in LDIF and restoring it, and check whether it works,
as I was told that OpenLDAP 2.3.19 has auto recovery in case of unclean
shutdowns.
Hope this works.

Regards
Niranjan




On 2/22/06, Philip Washington <phwashington at comcast.net> wrote:
>
> mallapadi niranjan wrote:
>
> > Hi Philip
> >
> >
> > Yes, I have the same properties (for checking I did the rid*2+1000
> > and object class test), but
> > once the computers are rejoined, they get a new RID, not the RID which is
> > in the LDIF.
> >
> > Regards
> > Niranjan
> >
> Okay, then this is something else I don't understand.
> If the LDAP database is getting corrupted then I can see how this
> problem could happen.  But if the PDC goes down as you describe in
> scenario-2 then it doesn't make sense that the computers should have to
> rejoin the domain, unless there is some information which is not being
> stored in the LDAP database.
>
> > On 2/21/06, *Philip Washington* <phwashington at comcast.net> wrote:
> >
> >     mallapadi niranjan wrote:
> >
> >     > Hi Craig
> >     >
> >     > Thanks for replying. The Samba PDC gets rebooted because of power
> >     > outages at night.
> >     > After the system gets rebooted:
> >     > Scenario-01
> >     > 1. Sometimes LDAP hangs (2.2.13), maybe because of
> >     > inconsistency.
> >     > 2. Since LDAP hangs, Samba doesn't come up properly.
> >     > 3. So I run db_recover and try to start the LDAP service and
> >     > then Samba.
> >     >
> >     > Scenario-02
> >     > If LDAP doesn't hang, and Samba comes up nicely, the computer had
> >     > to rejoin.
> >     > But in my LDAP database, in OU=Computers, all the computer accounts
> >     > exist, with
> >     > RID and object class intact.
> >     > But somehow, I don't know why, I have to rejoin.
> >     >
> >     Okay, I just want to clarify this. After an unplanned reboot (power
> >     outage), your PDC comes back up and you find that some of the
> >     computers in your domain need to rejoin the domain? Do you have recent
> >     LDIFs or slapcats indicating that most of these computers have the same
> >     properties in the LDAP database as before?
> >
> >     > Scenario-03.
> >     > I take a regular backup of LDAP to an LDIF file, and restore with
> >     > the latest LDIF file.
> >     > Even then I don't get the computer accounts, and I also lose user's
> >     > passwords
> >     > after restoring from the LDIF file.
> >     >
> >     > Scenario-04
> >     > If I do a safe reboot or shutdown, there's no problem; the server
> >     > works properly without any
> >     > problem.
> >     >
> >     > Regards
> >     > Niranjan
> >     >
> >     >
> >     > On 2/20/06, *Craig White* <craigwhite at azapple.com> wrote:
> >     >
> >     >     On Mon, 2006-02-20 at 11:55 +0530, mallapadi niranjan wrote:
> >     >     > Hi all
> >     >     >
> >     >     >
> >     >     > I too have the same problem. I am also using Samba 3.0.21 with
> >     >     > OpenLDAP version 2.2.13 on Red Hat Enterprise Linux 4 enterprise
> >     >     > server.
> >     >     > If the Samba PDC gets rebooted abruptly, some of my client
> >     >     > workstations (Windows 2000 Professional) have to rejoin.
> >     >     > I was asked to check whether the RID of the computer name is
> >     >     > correct (uid*2 + 1000), and whether
> >     >     > computer names have the SambaSAMAccount object class.
> >     >     > Even though my computer names exist in the database with the
> >     >     > correct object class and RID, the clients
> >     >     > have to be rejoined. This happens only when the Samba PDC with
> >     >     > LDAP gets rebooted abruptly.
> >     >     > Having said that, I assume that LDAP is unable to maintain
> >     >     > consistency when it gets rebooted.
> >     >     >
> >     >     > So I had kept a DB_CONFIG file in /var/lib/ldap (this is where
> >     >     > all the bdb files are) and use db_recover
> >     >     > in case of any crash of LDAP.
> >     >     >
> >     >     > But if we take a backup in an LDIF file and restore it,
> >     >     > my computer accounts still do not come back; I had to rejoin.
> >     >     >
> >     >     > This is the problem that I am having, but I still could not
> >     >     > find the correct solution.
> >     >     ----
> >     >     No - as you and he describe it, these are separate problems.
> >     >
> >     >     Your issue is that the PDC shouldn't get rebooted abruptly, and
> >     >     newer versions of openldap have a script that automatically runs
> >     >     db_recover. This however doesn't come in the version of openldap
> >     >     that ships with RHEL.
> >     >
> >     >     You might want to set up a cron script that performs a slapcat on
> >     >     a more frequent basis so that if it is necessary to dump the entire
> >     >     LDAP DSA and reload from an ldif, the ldif is much more current and
> >     >     thus, you wouldn't have to rejoin many if any computers to the domain.
> >     >
> >     >     Craig
> >     >
> >     >
> >
> >
>
>
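
Added example, not part of the original thread: a Python sketch of the two checks discussed above (machine accounts carry the sambaSamAccount object class and a RID equal to uid*2 + 1000), plus a comparison of two slapcat dumps to list accounts whose SID changed, for instance after a rejoin. It assumes the Samba 3 LDAP schema attribute names sambaSID and uidNumber and reads "uid" in the formula as uidNumber; the DNs and SIDs are constructed sample data.

```python
# Constructed sample: two machine accounts in the shape slapcat dumps them.
SAMPLE_LDIF = """\
dn: uid=ws01$,ou=Computers,dc=example,dc=org
objectClass: posixAccount
objectClass: sambaSamAccount
uid: ws01$
uidNumber: 2001
sambaSID: S-1-5-21-1111111111-2222222222-3333333333-5002

dn: uid=ws02$,ou=Computers,dc=example,dc=org
objectClass: posixAccount
uid: ws02$
uidNumber: 2002
sambaSID: S-1-5-21-1111111111-2222222222-3333333333-
 5010
"""

def parse_ldif(text):
    """Return {dn: {attr_lowercased: [values]}}; unfolds continuation lines."""
    entries, current = {}, None
    lines = text.replace("\r\n", "\n").replace("\n ", "").split("\n")
    for line in (l for l in lines if not l.startswith("#")):
        if not line.strip():
            current = None  # a blank line ends the current entry
            continue
        attr, _, value = line.partition(":")
        if attr.lower() == "dn":
            current = entries.setdefault(value.strip(), {})
        elif current is not None:
            current.setdefault(attr.lower(), []).append(value.strip())
    return entries

def check_machine_accounts(entries, rid_base=1000):
    """Return (dn, problem) pairs for accounts whose uid ends in '$'."""
    problems = []
    for dn, attrs in entries.items():
        if not attrs.get("uid", [""])[0].endswith("$"):
            continue
        if "sambasamaccount" not in {c.lower() for c in attrs.get("objectclass", [])}:
            problems.append((dn, "no sambaSamAccount objectClass"))
        rid = attrs.get("sambasid", [""])[0].rsplit("-", 1)[-1]
        uidnum = attrs.get("uidnumber", [""])[0]
        if rid.isdigit() and uidnum.isdigit() and int(rid) != int(uidnum) * 2 + rid_base:
            problems.append((dn, f"RID {rid}, expected {int(uidnum) * 2 + rid_base}"))
    return problems

def changed_sids(before, after):
    """DNs present in both dumps whose sambaSID differs (e.g. after a rejoin)."""
    return sorted(dn for dn in before.keys() & after.keys()
                  if before[dn].get("sambasid") != after[dn].get("sambasid"))
```

Run against successive dumps from the cron slapcat suggested above, changed_sids shows which machine accounts no longer match the last known-good LDIF.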

