MS Exchange

Adam Getchell acgetchell at ucdavis.edu
Fri Sep 17 00:48:15 GMT 1999


I've been running Exchange for awhile, although my SAMBA experience is limited.

If you can arrange it (and yes, it's a pain to reinstall your Exchange server
from scratch -- I've done it twice now) install exchange onto a BDC. That way,
authentication is handled mostly locally on the box and the SAM database
(account information) is replicated from the PDC.

The SID which is the Machine SID + enumerated user RIDs are probably not the
issue, especially on a domain controller. All workgroup and account SIDs are
the same,  since the domain accounts are stored in the SAM database. As long
as there's not a conflicting machine with an identical SID, identical
user SIDs won't be generated (=machine SID plus sequential RID). Even then, this
issue is mostly a compatibility with W2K problem.

Platinum (aka Exchange 6.0) is completely integrated with Active Directory (in
fact, AD is based upon the Exchange database engine) so SAMBA integration with
future versions of Exchange will, I imagine, be extremely tricky.

I ran across an announcement that Hewlett-Packard OpenMail supports rich
Outlook client functionality, so if you really want to depose NT on the server
side you might check there ....

--Adam


On Wed, 15 Sep 1999, Paul L. Lussier wrote:
> In a message dated: Wed, 15 Sep 1999 05:22:51 +0200
> Jan Kratochvil said:
> 
> >Exchange simply doesn't start - it originally used some account ("Logon as" of
> >the service parameters) from the NT domain but it is not able to use such
> >account from Samba domain. I don't know whether it would help to reinstall it
> >from scratch but simple move from NT to Samba domain just isn't as simple as
> >it looks. And yes, we've played with various group names, even patching Samba
> >for new group SIDs, adding Samba users (and "Everybody") to various
> >administrative rights in Exchange setup etc. And always it fails to start
> >properly.
> >
> >Although several services of it will start, the "Information storage manager"
> >just can't cope with it. It maybe has to do something with existing file
> >ownership assigned to users of the old NT-driven domain. Would it be possible
> >to Samba act as NT server by using the same user SIDs that no client would
> >notice the change? I have found that simply naming the domain by the same
> >name isn't sufficient, probably SID of the domain takes into the play.
> 
> Here are some questions I have.  I think you might be onto something with the 
> SID idea.
> 
> Are you able to have normal users log in to the Samba PDC controlled domain 
> without dealing with Exchange?  If not, then get this working before dealing 
> with Excahange (I assume though, that this is not your problem, but it never 
> hurts to ask the obvious :)
> 
> Was the Exchange server set up prior to of after migration to the Samba PDC 
> domain?
> 	If prior to, then the SID thing could be your problem, and I'd try
> 	re-installing the Exchange server, or, better yet, setting up a new 
> 	one for testing purposes that only knows about the Samba PDC.
> 
> 	If after, then did you make sure that it only knows about the Samba 
> 	PDC and not the old domain controller?
> 
> Have you put a packet sniffer on the wire to see what packets are going across 
> and maybe find out why it's not authenticating properly?
> 
> Have you turned on and checked all possible logging of the exchange server and 
> the Samba server.  Granted, the MS logging capability is pretty lame, but the 
> Samba server should at least tell you if it's seeing the requests.
> 
> I hope this helps somewhat, at least in giving you some ideas.  I'm interested
> in the solution of this dilemma if you ever find one.
> 
> Good luck!
> 
> -- 
> 
> Seeya,
> Paul
> ----
> 	    Depression is merely anger without enthusiasm.
>      There cannot be a crisis today; my schedule is already full.
>   A conclusion is simply the place where you got tired of thinking.
> 	 If you're not having fun, you're not doing it right!
-- 
****************
*	Adam Getchell
*	acgetchell at ucdavis.edu
****************
"Invincibility is in oneself, vulnerability in the opponent." -- Sun Tzu


More information about the samba mailing list