[Samba] Migrating NT4 Domain with Idealx tools
Paul Coray
paul.coray at unibas.ch
Wed Nov 17 16:09:19 GMT 2004
Marcel de Riedmatten schrieb:
>>
>>Now I realize this works when i configure LDAP and Idealx-Tools to store
>>machine accounts in the same container as useraccounts. Although this
>>makes my directory look somewhat messy, I can live with it if I have to.
>>Still I can't add machines doing smbldap-useradd -w, nor when I try to
>>join the domain from a client.
>
>
> you can have them separated. What count is that the machines account are
> visible on domain controllers (PDC BDC) ie getent passwd must show the
> machine (posix) account. This is nss_ldap configuration. If samba
> doesn't see the machine (posix) account it won't work .
So can I specify more then one nss base for passwd in libnss-ldap.conf?
i.e.
nss_base_passwd ou=Users,dc=mydomain,dc=ch
nss_base_passwd ou=Computers,dc=mydomain,dc=ch
nss_base_group ou=Groups,dc=mydomain,dc=ch
>
>> So I would suspect some problem in the communication with the
>>
>>>PDC and double check that on the samba box
>>>
>>>1) you have the domain SID as local SID
>>
>>Do SIDS for the PDC and for the domain have to be the same?
>
>
> yes the domain SID _is_ the (local) SID of the PDC and all domain
> controllers must have the same SID.
Thanks Marcel, this is very valuable information to me! I think these
should be pointed out more clearly in the docs.
Cheers
Paul
--
Paul Coray
Administrator Server und Netzwerk
Oeffentliche Bibliothek der Universitaet Basel
EDV-Abteilung
Schoenbeinstrasse 18-20
CH-4056 Basel
Tel: +41 61 267 05 13
Fax: +41 61 267 31 03
mailto:paul.coray at unibas.ch
http://www.ub.unibas.ch
More information about the samba
mailing list