Samba4 TP5 as PDC with Win2k3 as BDC
Stefan (metze) Metzmacher
metze at samba.org
Tue Jun 12 11:51:00 GMT 2007
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hi Frank,
> My first scenario was a Samba 4 PDC standalone. This worked ok, but I
> had some issues with speed of logins and general user maintenance. But
> it was GREAT for a pre-Alpha product.
thanks!
> The second scenario is where I am stuck - Samba 4 PDC with Win2k3 BDC.
> I currently receive the following error when I try to create the server
> as a BDC:
>
> Failed to modify SPNs on
> cn=brokenbox,cn=computers,dc=myhome,dc=int: kludge_acl_change:
> attempted database modify not permitted. User MYHOME\BROKENBOX$
> is not SYSTEM or an administrator
As stated in the release notes we have only very primitive access
checking...And that doesn't use ntSecurityDescriptor's yet...
> EPOLL_CTL_ADD failed (Bad file descriptor) - falling back to
> select()
> EPOLL_CTL_ADD failed (Bad file descriptor) - falling back to
> select()
> EPOLL_CTL_ADD failed (Bad file descriptor) - falling back to
> select()
I wonder why this happens, does this also happen with other network
operations?
> The Windows server name is brokenbox and begins this process as a
> non-domain server. My Samba4 PDC is running on openSUSE 10.3 Alpha 4+.
> I am logging in with the domain administrator account. After the
> installation has failed the server then belongs to the domain, but not
> as a BDC. If I start the wizard again, it performs the same steps and
> fails with the same error.
Samba4 doesn't support replicating *to* windows servers yet,
it only has a very limited support for replication *from* windows servers...
If you would solve the above problem with the changing of the SPN
you would come to the next problem very fast. There's a lot more missing
until a windows DC would run in a domain that was created using samba4.
metze
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)
Comment: Using GnuPG with SUSE - http://enigmail.mozdev.org
iD8DBQFGboikm70gjA5TCD8RAksZAKC0NVEy2lUMcDr1Oy+4BznGoTLdwwCdHEZX
pnOVqvd+ZBnD+mfjYl6+htI=
=/CmI
-----END PGP SIGNATURE-----
More information about the samba-technical
mailing list