[Samba] DC priority, BDC prob with domain groups
Gaiseric Vandal
gaiseric.vandal at gmail.com
Fri Nov 13 10:47:57 MST 2009
I have the following setup:
PDC: Samba 3.0.37 on Solaris 10
BDC1: Samba 3.0.37 on Solaris 10
BDC2: Samba 3.4.3 on Solaris 10
Samba 3.0.37 is the bundled version of Samba.
Samba 3.4.3 is compiled from source.
BDC2 is a recent addition to the network.
All machine use LDAP as the backend for everything. They use winbind to
handle a domain trust with another domain, but otherwise isn't needed.
If I start samba on BDC2 and logon to an XP (or Win 2003) Machine, the
logon will be to BDC2. This can be verified with echo
%logonserver%. Rebooting the XP machine is probably not necessary to
see this.
If I login as the domain administrator, I am effectively not considered
a member of the local administrator group. If I look at the local
Administrator group I will see the DOMAIN/Administrators as members.
But I am unable to install software, see all local files, add users to
local groups etc.
"OS level" on all three DC's was not explictly set, so was 20 by
default. I changed BDC2 to "os level=0" and set the PDC to "os
level=33." I did not restart samba on PDC. It seems to be a browsing
issue.
I still logon to BDC2.
So I have two issues:
1- How to make sure that the PDC (or PDC and BDC1) use used in
preference to BDC2. I assume that something about BDC2 having a newer
ver of samba is getting it priority.
2. What is wrong with the domain members in local users group. This
may be a BDC config in general issue (and I just never found it because
BDC1 never took precendence over PDC) or it may be something to do with
Samba 3.4.x vs 3.0.x.
Thanks
More information about the samba
mailing list