RE : [Samba] Samba as a PDC / Windows NT 4 SP6a as a BDC

Julien Bordet Julien.Bordet at intrinsec.com
Mon Jul 26 12:41:19 GMT 2004 

Are you sure of that ? I thought it was possible...
 
If it is not, I've got another slightly off topic question : how to I demote my former Windows NT PDC (that is now a BDC) to a normal Windows NT server, so that I have no problem with it ?
 
Thanks in advance.

	-------- Message d'origine-------- 
	De: Umberto Zanatta [mailto:uzanatta at provincia.treviso.it] 
	Date: lun. 26/07/2004 14:09 
	À: Julien Bordet 
	Cc: samba at lists.samba.org 
	Objet: Re: [Samba] Samba as a PDC / Windows NT 4 SP6a as a BDC
	
	
	You can't do it!
	
	Samba won't be a BDC for NT and viceversa.
	
	maybe, you should wait samba 4.0.
	
	Il lun, 2004-07-26 alle 13:05, Julien Bordet ha scritto: 

		Hi every body,
		 
		As you may have guessed, I've got a problem ;)
		 
		What I had :
		 
		   - A PDC Server (Windows NT 4 SP 6a), called SERVER1, for the domain TEST
		   - A BDC Server (Windows NT 4 SP 6a), called SERVER2, for the domain TEST
		 
		Everything was working fine.
		 
		Now I switched my NT PDC to a Samba PDC, and I make SERVER1 a BDC for the domain. Until now, no problem. I use samba 3.0.4, connected to OpenLDAP thanks to the ldapsam method.
		 
		However, after promoting Samba to be the PDC, it seems that none of the two BDC (SERVER1 and SERVER2) can synchronize SAM, LSA and BUILTIN databases from SAMBA.
		 
		So I can logon with any user/password that existed before the migration, but cannot add any new account on the SAMBA/LDA Server. I've got a password error when trying to log in.
		 
		On both servers, I have the following error :
		 
		Event ID 5718
		The full synchronization replication of the LSA database from the primary domain controller servername failed with the following error: Procedure number out of range.
		 
		I've successfully tried to establishe a secure channel from the BDC, with the netdomain command 
		 
		
		NETDOM BDC SERVER1 /SYNC
		
		However, trying to force a synchronization returns :
		
		C:\ntreskit>nltest /BDC_QUERY:TEST
		Server : \\SERVER1
		        SyncState :  REPLICATION_IN_PROGRESS
		        ConnectionState : Status = 1745 0x6d1 RPC_S_PROCNUM_OUT_OF_RANGE
		The command completed successfully
		
		The error message here corresponds to the message of the event viewer.
		
		Have anyone of you seem anything like that before ?
		
		I've search both the microsoft support site and the samba mailing list archive, but without success. 
		
		Many thanks for your help. 
		
		 
		
		Julien
		
		 
		
		
		
		Here is my smb.conf :
		
		 
		
		[Global]
		workgroup = TEST
		netbios name = SAMBA
		server string = SAMBA-LDAP
		username map = /etc/samba/smbusers
		encrypt passwords = yes
		interfaces = 172.16.0.115/16
		
		domain logons = Yes
		os level = 65
		domain master = Yes
		local master = No
		security = user
		wins support = Yes
		
		passdb backend = ldapsam:ldap://localhost
		ldap admin dn = "cn=samba,ou=DSA,dc=testdomain,dc=fr"
		ldap ssl = off
		ldap delete dn = yes
		ldap user suffix = ou=Utilisateurs
		ldap group suffix = ou=Groupes
		ldap machine suffix = ou=Machines
		ldap suffix = dc=testdomain,dc=fr
		ldap idmap suffix = ou=Users
		ldap passwd sync = yes
		
		Dos charset = 850
		Unix charset = ISO8859-1
		
		log level = 99
		log file = /var/log/samba/%m.log
		max log size = 100000
		time server = Yes
		socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
		
		logon script = logon.bat
		logon drive = H:
		logon home =
		logon path =
		
		add machine script = /usr/local/sbin/smbldap-useradd -w "%u"
		add user script = /usr/local/sbin/smbldap-useradd -m "%u"
		add group script = /usr/local/sbin/smbldap-groupadd -p "%g"
		add user to group script = /usr/local/sbin/smbldap-groupmod -m "%u" "%g"
		delete user from group script = /usr/local/sbin/smbldap-groupmod -x "%u" "%g"
		set primary group script = /usr/local/sbin/smbldap-usermod -g "%g" "%u"
		
		[homes]
		comment = Répertoires utilisateurs
		valid users = %U
		read only = No
		create mask = 0664
		directory mask = 0775
		browseable = No
		
		[netlogon]
		path = /var/lib/samba/netlogon
		browseable = No
		read only = Yes
		
		
		 
		
		
		
  _____  

		-- 
		To unsubscribe from this list go to the following URL and read the
		instructions:  http://lists.samba.org/mailman/listinfo/samba <http://lists.samba.org/mailman/listinfo/samba> 

	
_______________________
Umberto Zanatta
linuxDidattica

tel: +39 (335) 54 71 385
email: umberto.z at tin.it
web: http://linuxdidattica.org
_______________________

More information about the samba mailing list