Samba steals my production domain!

Robert Styma stymar at agcs.com
Tue Jan 8 09:54:05 GMT 2002


I have found, in a similar situation, that I had to
delete the MACHINE.SID file on the Samba server (in the
samba/private directory), delete and re-add the machine
trust account on the PDC and then re-join the domain.
This gets a new MACHINE.SID file which matches what the
new PDC thinks it should be.  You should also delete the
machine trust account for the Samba server in the old test
PDC just to be safe.


> Justin Weissig wrote:
> 
> Hi,
> 
> I am not sure if anyone can help me but I am a little lost as to where to go
> from here and maybe someone can point me in the right direction.
> 
> Here is an overview of my testing LAN.
> 
> I have created 2 Windows NT 4.0 servers; one of them is a PDC and one is a
> BDC. I have tested with sp5 and sp6a. I have compiled from source Samba
> 2.2.2 on Red Hat 7.1 on a third machine in my test LAN. I am able to join my
> example domain and use winbind to authenticate users from the PDC & BDC on
> Samba shares. Everything works great!
> 
> The only catch is when I move this test server into our production
> environment and attempt to join the server to our domain as a client the
> join fails. And then our production PDC and BDC seem to get confused as to
> who is the PDC and authentication requests seem to go to the Samba server.
> 
> I have specifically stated in the configuration file to not act as a PDC. I
> just want to host shares on this server.
> 
> Here is my smb.conf file from /etc/samba/smb.conf
> 
> <snip>
> 
> [global]
> 
> encrypt passwords = yes
> 
> winbind separator = +
> winbind cache time = 10
> template shell = /bin/bash
> template homedir = /home/%D/%U
> winbind uid = 10000-20000
> winbind gid = 10000-20000
> #winbind enum users = yes
> #winbind enum groups = yes
> workgroup = winserver
> security = domain
> password server = altec lansing
> 
> domain master = no
> preferred master = no
> domain logons = no
> 
> log file = /var/log/samba.log
> log level = 3
> 
> [tmp]
> comment = tmp file location
> path = /tmp
> read only = no
> public = no
> 
> </snip>
> 
> Does anyone have an idea what I am doing wrong here?
> 
> Thanks
> - Justin

-- 
Robert E. Styma 
Principal Engineer
AG Communication Systems, Phoenix - A subsidiary of Lucent
Email: stymar at agcs.com
Phone: 623-582-7323
FAX:   623-581-4884
Company:  http://www.agcs.com
Personal: http://www.swlink.net/~styma
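
The Samba-side half of the procedure in the reply above, as an added example that is not part of the original post. It moves the stale MACHINE.SID aside instead of deleting it, so the old SID can still be compared later, and builds the re-join command for you to run once the machine trust account has been deleted and re-added on the PDC. Assumptions: the helper names are hypothetical, the private directory is passed in by the caller, and the join command is the Samba 2.2 form `smbpasswd -j DOMAIN -r PDC`, which the post itself does not spell out.

```shell
#!/bin/sh
# Added example (not from the original post): retire a stale MACHINE.SID
# before re-joining a domain. All names and paths come from the caller.

# Move MACHINE.SID out of the way, keeping a timestamped backup so the
# old SID can still be inspected. Prints the backup path on success.
retire_machine_sid() {
    private_dir=$1
    sid_file="$private_dir/MACHINE.SID"
    if [ ! -f "$sid_file" ]; then
        echo "no MACHINE.SID in $private_dir" >&2
        return 1
    fi
    backup="$sid_file.stale.$(date +%Y%m%d%H%M%S)"
    mv "$sid_file" "$backup" || return 1
    chmod 600 "$backup"    # the SID file should stay readable by root only
    echo "$backup"
}

# Build (do not run) the Samba 2.2 join command for DOMAIN against PDC.
# Run it only after the machine trust account has been deleted and
# re-added on the PDC, as the reply describes.
join_command() {
    echo "smbpasswd -j $1 -r $2"
}

# Usage: sh retire_sid.sh <samba-private-dir> <DOMAIN> <PDC>
# (script name is a placeholder)
if [ "$#" -eq 3 ]; then
    retire_machine_sid "$1" && join_command "$2" "$3"
fi
```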



