3.0Alpha21 and W2K AD 'dorking' Samba machine acct?
Nik Conwell
nik at bu.edu
Thu Jan 30 12:32:43 GMT 2003
Anybody seeing a scenario like this?
net ads join adds our machine entry to AD just fine.
The machine entry object in the AD database has:
OperatingSystem "Samba"
OperatingSystemVersion "post3.0-HEAD"
dnsHostname "ourhost"
Some time later "something" happened, and AD now has:
OperatingSystem "Windows"
OperatingSystemVersion "NT 4"
dnsHostname is empty.
and then authentication to ourhost fails.
In the past we've seen a couple of cases where changing the config file while
the smbd was running caused the AD object to change, but now that we're trying
to debug this, this isn't happening any longer. Some times when we shut down
"ourhost", it causes this problem. Stopping and starting the smbd and nmbd
doesn't have this effect.
We've turned on auditing on the AD object for the machine account and happened
to catch a situation where the object changed, yet the audit reports didn't show
the change. (Changing the object manually through the gui did cause an audit
report.) DOH!
Doing a net ads leave and net ads join again puts the machine entry back again.
Just curious if anybody's seen anything like this. We're continuing to debug...
--nik
More information about the samba-technical
mailing list