[Samba] Member server won't authenticate against Samba BDC

Bryan K. Walton bryanw at weccusa.org
Fri Oct 1 21:51:01 GMT 2004


Just fixed it, had to restart winbind daemon on the member server.
The solution was right in front of me the entire time.  Sorry.

-Bryan

On Fri, Oct 01, 2004 at 02:22:08PM -0500, Bryan K. Walton wrote:
> For the last few years, we have had a NT4 PDC (without a BDC).
> This week I undertook the process of builing a Samba BDC running
> Debian linux.  This new BDC is running samba version 3.0.7.  After
> setting up the box, I copied all of the user, group, and machine
> accounts over to the new bdc, using "net rpc vampire".
> 
> The BDC is up and running and I see everybody authenticating against
> it.  I would like to make it the PDC, and take down our old NT domain
> controller, but I have one samba member server (running Samba 3.0.4)
> that insists on authenticating users against the old nt controller
> (wecc-server) and I can't figure out how to make it stop. Oh, I should
> also mention that the new BDC is using a tdbsam backend.
> 
> The member server (amanda) has unix and smbpasswd accounts in the BDC
> (jerry) that I "vampired" from wecc-server.  Here is an excerpt from 
> Amanda's smb.conf:
> 
> workgroup = WECC-DOMAIN
> security = domain
> password server = jerry, wecc-server
> 
> And here is an excerpt from Jerry's smb.conf:
> 
> workgroup = WECC-DOMAIN
> os level = 34
> local master = Yes
> preferred master = Yes
> domain master = No
> 
> 
> If I promote Jerry to a PDC from a BDC, and then shut down the old NT
> domain controller, none of our employees can connect to any shares on
> Amanda.  When they try, they get a message:
> 
> "There are currently no logon servers available to service the logon
> request."   Now, I've also tried removing the "wecc-server" listing from
> Amanda's "password server =" line in its smb.con, in addition to the 
> above steps, but it doesn't make any difference.
> 
> Can anybody tell me what might be wrong here?  I'm sure I'm missing
> something but have run out of ideas.  In the meantime, I keep the old NT
> domain controller up and running.  Please let me know if there are
> other parts of the smb.conf files that you would like to see.
> 
> Much thanks!!
> Bryan Walton
> -- 
> To unsubscribe from this list go to the following URL and read the
> instructions:  http://lists.samba.org/mailman/listinfo/samba

-- 
Bryan K. Walton                  Wisconsin Energy Conservation Corporation
GnuPG Key fingerprint = 42FC 3177 3E63 2490 DF3F  68A1 B565 120C 1EE1 8F37


More information about the samba mailing list