[Samba] PDC and BDC with LDAP and Samba 2.2.4

Yannick Tousignant ytousignant at oka-info.com
Tue Jun 4 08:17:02 GMT 2002


That's exactly what I did, I replicated the LDAP database
between the 2 servers, so it's like I'm replicating
Linux users and Samba users. I copied the secrets.tdb
from the PDC to the BDC (seems to be the new MACHINE.SID).
But when I put "domain logons = yes" they all seem to
authenticate on the BDC, users that have already logged on
once before the BDC was up still work, but logon scripts aren't
executed, and users that never logged in don't work at all
(user/passwd don't work at logon). It's pretty weird to me,
maybe Samba 2.2.4 is not suitable to have 2 servers that
users can authenticate on.

Hope I can find a solution...


Yannick


> -----Original Message-----
> From: samba-admin at lists.samba.org [mailto:samba-admin at lists.samba.org]On
> Behalf Of Tarjei Huse
> Sent: Tuesday, June 04, 2002 11:02 AM
> To: Klaus Zahradnik
> Cc: samba at lists.samba.org
> Subject: RE: [Samba] PDC and BDC with LDAP and Samba 2.2.4
>
>
>
>
> Did you see the other BDC howto? Combine this with a replicated
> openldap server
> and I think you're done, although I've never had the need :)
>
> Tarjei
>
> >
> > PLEASE!?! :o)
> >
> > Klaus
> >
> > On 4 Jun 2002 at 7:55, Cates, Brett wrote:
> >
> > > Can samba act as a BDC?  I thought I read somewhere that it can only be a
> > > PDC or a member server.  I could be wrong though...
> > >
> > > Brett
> > > -----Original Message-----
> > > From: Yannick Tousignant [mailto:ytousignant at oka-info.com]
> > > Sent: Tuesday, June 04, 2002 7:47 AM
> > > To: samba at samba.org
> > > Subject: [Samba] PDC and BDC with LDAP and Samba 2.2.4
> > >
> > >
> > >
> > > Hi,
> > >
> > > I'm trying to build a PDC and BDC to eliminate Windows NT on a
> > > network and have load balancing and fault tolerance for users.
> > >
> > > I've compiled Samba 2.2.4 on two servers, working with OpenLDAP 2.0.23
> > > with a master and a slave. Replication on LDAP servers works fine.
> > > I've set up a domain controller and wanted to set the other server
> > > as BDC in case the PDC goes down. Each time I put the
> > > "domain logons = yes" option, some people can't log in, computers
> > > seem to seek a domain controller. Also, logon scripts aren't
> > > executed upon login... When I disconnect the network cable on the
> > > PDC, users can log into the BDC fine but login scripts aren't executed.
> > > When I plug back the PDC, some users can no longer log in (bad user).
> > > When I disconnect the BDC, everything works fine.
> > >
> > > For now I disabled the "domain logons = yes" on the BDC, so there is
> > > no load balancing and fault tolerance for users. =(
> > >
> > >
> > >
> > > Here is my smb.conf on both servers :
> > >
> > >
> > > PDC :
> > >
> > > ====================================
> > >
> > > [global]
> > >
> > >     netbios name = PDC
> > >     workgroup = OKA
> > >     os level = 64
> > >     preferred master = yes
> > >     domain master = yes
> > >     local master = yes
> > >     security = user
> > >     encrypt passwords = yes
> > >     domain logons = yes
> > >     time server = yes
> > >     ldap suffix = dc=OKA
> > >     ldap admin dn = cn=ADMIN,dc=OKA
> > >     ldap ssl = off
> > >     ldap server = 127.0.0.1
> > >     ldap port = 389
> > >     logon path =
> > >     logon home =
> > >     logon script = users.bat
> > >     domain admin group = root
> > >
> > >
> > > [netlogon]
> > >
> > >     path = /home/netlogon
> > >     read only = yes
> > >     write list = root
> > >
> > > ========================================
> > >
> > > BDC :
> > >
> > > ========================================
> > >
> > > [global]
> > >
> > >     netbios name = BDC
> > >     workgroup = OKA
> > >     security = user
> > >     encrypt passwords = yes
> > >     domain logons = yes
> > >     os level = 63
> > >     local master = yes
> > >     domain master = no
> > >     time server = yes
> > >     ldap suffix = dc=OKA
> > >     ldap admin dn = cn=ADMIN,dc=OKA
> > >     ldap ssl = off
> > >     ldap server = 127.0.0.1
> > >     ldap port = 389
> > >     logon path =
> > >     logon home =
> > >     logon script = users.bat
> > >     domain admin group = root
> > >
> > > [netlogon]
> > >
> > >     path = /home/netlogon
> > >     read only = yes
> > >     write list = root
> > >
> > >
> > > =======================================
> > >
> > > Hope I can do something about it... thanks!
> > >
> > >
> > > Yannick Tousignant
> > > ===============
> > > Gestion Informatique OKA ltée.
> > > Téléphone : (514) 282-9334 (#238)
> > >
> > >
> > > --
> > > To unsubscribe from this list go to the following URL and read the
> > > instructions:  http://lists.samba.org/mailman/listinfo/samba
> > >
> > >
> >
> >
> > Klaus Zahradnik
> > GO-PUBLIC.COM
> >
> > ----------------------------------------------------------------
> > GO-PUBLIC.COM Internet Relations GmbH
> >
> > A-2500 Baden, Weilburgstrasse 4
> > http://GO-PUBLIC.com/       office at go-public.com
> > Phone: +43(0)2252-490 10-0  Fax: +43(0)2252-490 15
> > ----------------------------------------------------------------
> >
> >
> >
> >
> >
>
>
> Mob: 920 63 413
>
>
> -------------------------------------------------
> This mail sent through IMP: http://horde.org/imp/
>
>
>
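
Added example, not part of the original message or of Samba itself: a small parser that compares the [global] sections of the two smb.conf files quoted above and reports which parameters differ between the PDC and the BDC. The function names are hypothetical, and role() encodes an assumed convention from Samba's domain-controller documentation (domain logons = yes with domain master = yes is a PDC, with domain master = no a BDC).

```python
# Constructed input: excerpts of the two [global] sections quoted in the post.
# The security, ldap, time server, local master, logon path/home and
# domain admin group lines are identical in both files and left out here.
PDC_CONF = """
[global]
    netbios name = PDC
    workgroup = OKA
    os level = 64
    preferred master = yes
    domain master = yes
    domain logons = yes
    logon script = users.bat
"""
BDC_CONF = """
[global]
    netbios name = BDC
    workgroup = OKA
    domain logons = yes
    os level = 63
    domain master = no
    logon script = users.bat
"""

def parse_global(text):
    """Return {parameter: value} for [global]; names are case/space-insensitive."""
    params, section = {}, None
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("["):
            section = line.strip("[]").strip().lower()
        elif section == "global" and "=" in line and line[0] not in "#;":
            key, value = line.split("=", 1)
            params[" ".join(key.lower().split())] = value.strip()
    return params

def differences(a, b):
    """Parameters whose values differ, as {name: (value_in_a, value_in_b)}."""
    return {k: (a.get(k), b.get(k))
            for k in sorted(a.keys() | b.keys()) if a.get(k) != b.get(k)}

def role(params):
    """Assumed convention: logon server that is domain master = PDC, else BDC."""
    if params.get("domain logons", "no") != "yes":
        return "not a logon server"
    return "PDC" if params.get("domain master") == "yes" else "BDC"

if __name__ == "__main__":
    pdc, bdc = parse_global(PDC_CONF), parse_global(BDC_CONF)
    print(differences(pdc, bdc), role(pdc), role(bdc))
```

A parameter missing from one file shows up with None on that side, as "preferred master" does for the BDC here.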




