[Samba] Member server won't authenticate against Samba BDC

Bryan K. Walton bryanw at weccusa.org
Fri Oct 1 21:51:01 GMT 2004

Just fixed it, had to restart winbind daemon on the member server.
The solution was right in front of me the entire time.  Sorry.


On Fri, Oct 01, 2004 at 02:22:08PM -0500, Bryan K. Walton wrote:
> For the last few years, we have had a NT4 PDC (without a BDC).
> This week I undertook the process of builing a Samba BDC running
> Debian linux.  This new BDC is running samba version 3.0.7.  After
> setting up the box, I copied all of the user, group, and machine
> accounts over to the new bdc, using "net rpc vampire".
> The BDC is up and running and I see everybody authenticating against
> it.  I would like to make it the PDC, and take down our old NT domain
> controller, but I have one samba member server (running Samba 3.0.4)
> that insists on authenticating users against the old nt controller
> (wecc-server) and I can't figure out how to make it stop. Oh, I should
> also mention that the new BDC is using a tdbsam backend.
> The member server (amanda) has unix and smbpasswd accounts in the BDC
> (jerry) that I "vampired" from wecc-server.  Here is an excerpt from 
> Amanda's smb.conf:
> workgroup = WECC-DOMAIN
> security = domain
> password server = jerry, wecc-server
> And here is an excerpt from Jerry's smb.conf:
> workgroup = WECC-DOMAIN
> os level = 34
> local master = Yes
> preferred master = Yes
> domain master = No
> If I promote Jerry to a PDC from a BDC, and then shut down the old NT
> domain controller, none of our employees can connect to any shares on
> Amanda.  When they try, they get a message:
> "There are currently no logon servers available to service the logon
> request."   Now, I've also tried removing the "wecc-server" listing from
> Amanda's "password server =" line in its smb.con, in addition to the 
> above steps, but it doesn't make any difference.
> Can anybody tell me what might be wrong here?  I'm sure I'm missing
> something but have run out of ideas.  In the meantime, I keep the old NT
> domain controller up and running.  Please let me know if there are
> other parts of the smb.conf files that you would like to see.
> Much thanks!!
> Bryan Walton
> -- 
> To unsubscribe from this list go to the following URL and read the
> instructions:  http://lists.samba.org/mailman/listinfo/samba

Bryan K. Walton                  Wisconsin Energy Conservation Corporation
GnuPG Key fingerprint = 42FC 3177 3E63 2490 DF3F  68A1 B565 120C 1EE1 8F37

More information about the samba mailing list