SOLVED! [Samba] PDC and BDC with LDAP and Samba 2.2.4

Yannick Tousignant ytousignant at oka-info.com
Wed Jun 5 12:50:05 GMT 2002


It's me again, with the solution to my problems.

To get a working BDC, you have to kill samba, delete your
secrets.tdb, create a MACHINE.SID and then restart samba. You
will have to do this on the PDC and the BDC to have the same
SID in the secrets.tdb file. Then machine accounts are valid
even if you move your PDC, or you add a 2nd BDC, as long as you
create the MACHINE.SID file before the first startup of samba.
Don't forget, the MACHINE.SID file has to be the same on all
domain controllers or machine accounts will be invalid.

And oh, back up your MACHINE.SID file, samba deletes it when
it converts the file to secrets.tdb!

Thanks to you all!!!



Yannick Tousignant
===============
Gestion Informatique OKA ltée.
Téléphone : (514) 282-9334 (#238)
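
The procedure described above, as an added example that is not part of the original post: a shell sketch that stages the same MACHINE.SID on each domain controller, keeps a backup copy, and checks that the copies match. It assumes Samba is already stopped, that MACHINE.SID holds the domain SID as one text line of the form S-1-5-21-x-y-z, and that the private directory path is passed in; the function names are hypothetical.

```shell
#!/bin/sh
# Added example, not from the original post. Assumptions: smbd/nmbd are
# already stopped, and the caller passes Samba's private directory
# (its location depends on how Samba was built).

# Return 0 if $1 looks like a domain SID: S-1-5-21-<n>-<n>-<n>
valid_domain_sid() {
    printf '%s\n' "$1" | grep -Eq '^S-1-5-21(-[0-9]{1,10}){3}$'
}

# stage_machine_sid PRIVATE_DIR SID BACKUP_DIR
# Runs in a subshell so the restrictive umask does not leak to the caller.
stage_machine_sid() (
    priv=$1 sid=$2 backup=$3
    valid_domain_sid "$sid" || { echo "malformed SID: $sid" >&2; exit 2; }
    # Order from the post: secrets.tdb is deleted before MACHINE.SID is created
    if [ -e "$priv/secrets.tdb" ]; then
        echo "secrets.tdb still present in $priv; remove it first" >&2
        exit 3
    fi
    umask 077                    # SID files readable by the owner only
    mkdir -p "$backup" || exit 1
    # Backup copy first: Samba deletes the live file once it is converted
    printf '%s\n' "$sid" > "$backup/MACHINE.SID" || exit 1
    printf '%s\n' "$sid" > "$priv/MACHINE.SID" || exit 1
)

# same_sid FILE...  -> 0 only if every copy holds one identical, valid SID
# (run it on MACHINE.SID copies gathered from each DC before first startup)
same_sid() {
    first=
    for f in "$@"; do
        cur=$(tr -d ' \r\n' < "$f") || return 1
        valid_domain_sid "$cur" || { echo "$f: not a valid SID" >&2; return 2; }
        [ -z "$first" ] && first=$cur
        [ "$cur" = "$first" ] || { echo "$f differs from $1" >&2; return 1; }
    done
    [ -n "$first" ]
}
```
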





> -----Original Message-----
> From: samba-admin at lists.samba.org [mailto:samba-admin at lists.samba.org]On
> Behalf Of Yannick Tousignant
> Sent: Wednesday, June 05, 2002 12:10 PM
> To: Gerald Carter
> Cc: samba at samba.org
> Subject: RE: [Samba] PDC and BDC with LDAP and Samba 2.2.4
>
>
>
> Ok, I'm stuck at this point. Whether I want to move
> the current PDC to another server or I want to make
> a BDC, I have to rejoin all the stations to the domain.
>
> The machine accounts are stored in the LDAP database that
> I replicate to the BDC. The problem is that samba stores
> some kind of part of the machine account somewhere (maybe
> in secrets.tdb) that I can't replicate on both servers. So
> if the users log into another PDC, the machine accounts
> are not valid for the server, so it denies all logons!
>
> If anyone can help me find a way to have valid machine
> accounts on 2 different DCs...
>
>
> Thanks!
>
>
> Yannick
>
>
>
> > -----Original Message-----
> > From: samba-admin at lists.samba.org [mailto:samba-admin at lists.samba.org]On
> > Behalf Of Gerald Carter
> > Sent: Wednesday, June 05, 2002 9:04 AM
> > To: Yannick Tousignant
> > Cc: samba at samba.org
> > Subject: RE: [Samba] PDC and BDC with LDAP and Samba 2.2.4
> >
> >
> > On Tue, 4 Jun 2002, Yannick Tousignant wrote:
> >
> > >
> > >
> > > Hi, I tried to move the current PDC to another machine
> > > that has the same LDAP database. It didn't work... There
> > > is something about the machine account! How does samba
> > > handle this? I could not log on to the moved PDC, so I
> > > rejoined the domain (added my machine in TEMP workgroup,
> > > reboot, rejoin the domain, reboot), and then it worked!
> > >
> > > Is there any way I can bypass this?
> >
> > Are the uid's for passwd entries sync'd on both servers?
> >
> > cheers, jerry
> >  ---------------------------------------------------------------------
> >  Hewlett-Packard                                     http://www.hp.com
> >  SAMBA Team                                       http://www.samba.org
> >  --                                            http://www.plainjoe.org
> >  "Sam's Teach Yourself Samba in 24 Hours" 2ed.      ISBN 0-672-32269-2
> >  --"I never saved anything for the swim back." Ethan Hawk in Gattaca--
> >
> >
> > --
> > To unsubscribe from this list go to the following URL and read the
> > instructions:  http://lists.samba.org/mailman/listinfo/samba
> >
>
>




