PDC/BDC && "domain logons = yes"
oswell at xcert.com
Fri Aug 13 19:24:39 GMT 1999
I ran into a problem the other day where our NT PDC and BDCs
starting flaking out. They all thought that there was another PDC on the
network and so would not promote. After several hours of fighting with
the NT servers, we checked a change that had been made to our smb.conf on
our fileserver. Namely, the addition of "domain logons = yes".
My understanding was that this addition would allow our fileserver
to properly authenticate windows 95/98 machines against the domain. Now,
we are running Samba 2.0.5a, and I have included our smb.conf below.
Is it expected behavior that with this line in the smb.conf that
samba would suddenly show up to the other NT boxes as a PDC? Running "net
accounts" on any of our NT BDCs showed our samba server as the PDC,
whereas I had thought that this version of samba did not have any of the
NT PDC/BDC code in it.
As a side note, if this is not the command that I should be using
to get NT machines that are not a member of the domain, and windows 95/98
boxes, to authenticate against the domain properly, how _do_ I do this?
Xcert International Inc.
----- [ Snip of smb.conf ] -----
workgroup = OURDOM
netbios name = fileserver
server string = Internal Fileserver
# domain logons = yes
local master = no
security = domain
password server = pdc-van bdc-van
hosts allow = 10.0.1. 10.0.2. 10.0.3.
name resolve order = hosts bcast lmhosts wins
load printers = no
printing = bsd
dns proxy = yes
encrypt passwords = yes
debug level = 1
socket options = TCP_NODELAY SO_SNDBUF=8192 SO_RCVBUF=8192
max log size = 1024
lock directory = /data/samba/var/locks
log file = /data/samba/var/samba.log
username map = /data/samba/lib/username.map
printcap name = /etc/printcap
lpq command = /usr/bin/lpq -P%p
queuepause command = /usr/sbin/lpc stop %p
queueresume command = /usr/sbin/lpc start %p
browsable = yes
guest ok = no
guest account = nobody
More information about the samba