[Samba] Questions about Domain Member server

Remy Zandwijk remy.zandwijk at falw.vu.nl
Thu Nov 18 13:51:50 GMT 2004


Hi list,

I have a couple of questions regarding Samba being a Domain Member
of a Samba PDC and BDC.

Situation:

	3 servers, running Solaris 9 and Samba 3.0.7. The Solaris
	machines are LDAP clients (getpwent fetches info from LDAP).
	The Samba domain is called 'ALW'.


	Machine 1: PDC + LDAP master		(PDC1)
	Machine 2: BDC + LDAP slave		(BDC1)
	Machine 3: Domain Member server		(FS1)


A Windows XP client, joined to the domain, can be used to log on to the
domain. This works without problems. Files created on the shares of
the PDC and BDC are owned by users/groups 'ALW\username' and 'ALW\groupname'.

The Domain Member server is joined to the ALW domain, which is confirmed
to be OK by the 'net rpc testjoin' command. Shares on the FS1 server can be
browsed. When creating files however, the files are owned by the users/groups
'FS1\username' and 'FS1\groupname'.

I would expect the same ownership as the files created on the PDC and BDC.
Why is this FS1\... on the Domain Member server?

Besides the above problem, I cannot explain entirely why this line appears
in the logs:

--
[2004/11/17 11:08:57, 1] lib/smbldap.c:add_new_domain_info(1289)
  failed to add domain dn= sambaDomainName=FS1,dc=falw,dc=vu,dc=nl with:
	Insufficient access no write access to parent
[2004/11/17 11:08:57, 0] lib/smbldap.c:smbldap_search_domain_info(1338)
  Adding domain info for FS1 failed with NT_STATUS_UNSUCCESSFUL
--

I do understand why this fails; the LDAP bind dn of Samba does not have
the rights to add this information. The thing I don't understand is why
Samba wants to add info to LDAP about the domain 'FS1', while the domain
the server joined is 'ALW'.

In the logs of the LDAP server, I see queries for uid 'alwremy', when I
mount shares on the FS1 server as user 'remy'. These queries are a result
of the Solaris system 'getpwent' call, as I can tell from the bind-dn.

To summarise:

-	Why is the ownership of files created on the Domain Member server
	SERVERNAME\username instead of DOMAINNAME\username ?

-	Why does Samba want to add info about the 'FS1' domain in LDAP?

-	Why does Samba perform a getpwent call with the Samba domainname and
	the username merged together?


Best regards,
Remy

