[Samba] members server cant find bdc for logon service

Matthias Eichler mylists at ame.de
Wed Mar 24 14:26:14 GMT 2004 

Dear List,

we've the following setup:

login: PDC (Samba + Master LDAP with Slave LDAP)
appserver: BDC (Samba + Master LDAP with Slave LDAP)
fileserver: Samba domain member server

Everything is running with Samba3 and OpenLDAP2

The following problem:
when the PDC is not available (test shutdown)
the clients can log into the domain (netlogon-
script is running from BDC), but the fileserver
is not authorizing the client access due to:

NO_LOGON_SERVER_FOUND

Some parts of the configs:

1) PDC:
---cut---
        #SECURITY
        encrypt passwords = true
        guest account = nobody
        obey pam restrictions = no
        admin users = @domadmins

        add machine script = /usr/local/sbin/smbldap-useradd.pl -w -g
smb-machines -s /bin/false %m
        unix password sync = yes
        #passwd program = /usr/local/sbin/smbldap-passwd.pl -o %u
        passwd program = /usr/local/sbin/smbldap-passwd.pl %u
        passwd chat = *New\spassword\s:* %n\n *Retype\snew\spassword*
%n\n *successfully*

        #FEATURES
        panic action = /usr/share/samba/panic-action %d
        wins support = yes
        dns proxy = no
        preferred master = yes
        local master = yes
        time server = yes
        os level = 67

        #DOMAIN STUFF
        domain master = yes
        domain logons = yes
---cut---


2) BDC:
---cut---
        #SECURITY
        encrypt passwords = true
        guest account = nobody
        obey pam restrictions = no
        admin users = @domadmins

        add machine script = /usr/local/sbin/smbldap-useradd.pl -w -g
smb-machines -s /bin/false %m
        unix password sync = yes
        #passwd program = /usr/local/sbin/smbldap-passwd.pl -o %u
        passwd program = /usr/local/sbin/smbldap-passwd.pl %u
        passwd chat = *New\spassword\s:* %n\n *Retype\snew\spassword*
%n\n *successfully*

        #FEATURES
        panic action = /usr/share/samba/panic-action %d
        wins support = yes
        dns proxy = no
        preferred master = no
        local master = yes
        time server = yes
        os level = 65

        #DOMAIN STUFF
        domain master = no
        domain logons = yes
---cut---

3) FILESERVER:
---cut---
        #SECURITY
        null passwords = no
        admin users = @domadmins
        encrypt passwords = true
        guest account = nobody
        obey pam restrictions = no
        security = domain
        password server = LOGIN, APPSERVER

        #FEATURES
        panic action = /usr/share/samba/panic-action %d
        nt acl support = yes
        wins support = no
        wins proxy = no
        wins server = 10.1.1.1 10.1.1.10
        dns proxy = no
        local master = no
        preferred master = no

        #DOMAIN STUFF
        domain master = no
        domain logons = no
---cut---

Thanks for all help,

Matthias

More information about the samba mailing list