[Samba] openldap PDC : can't add machine account ; "too many domain info entries"

Andrew Bartlett abartlet at samba.org
Thu Sep 23 10:59:20 GMT 2004


On Thu, 2004-09-23 at 19:01, Simone Cittadini wrote:
> I've inherited this quite messy openldap server from the previous 
> administrator, samba (3) relies on it for acting as a PDC.
> The main problem (while I build a new directory from scratch) is you 
> can't add a machine account to the domain :
> On the client it says the credentials are invalid, anyway the real 
> problem (from samba logs) seems to be :
> 
> "Got too many (2) domain info entries for domain DOMAIN"
> 
> (I've replaced my domain name to 'DOMAIN' and sambahost name to 'host' 
> for no particular reason ...)
> 
> host:/etc/samba # strings secrets.tdb | grep SID
> &SECRETS/SID/HOST
> &SECRETS/SID/DOMAIN   <-- I think this is the problem, since a clean 
> installation on a test machine gives only the first line from the same 
> command, but I can't figure how to remove the entry.


Open up your ldap server in a tool like 'gq', and remove the incorrect
(or both) 'sambaDomain=DOMAIN' entry in your ldap database.  Somehow,
you got two of them, and Samba doesn't like that.

Samba uses this to store the domain SID, and other information, in the
LDAP directory.

Andrew Bartlett
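
To find the duplicate before deleting anything, the following sketch (an added example, not part of the original message or of Samba) parses LDIF as exported by `ldapsearch` and lists every domain name held by more than one `sambaDomain` entry, with each entry's DN and SID. It assumes the Samba 3 schema attribute names `sambaDomainName` and `sambaSID`; the suffix, DNs and SIDs in the sample are constructed.

```python
import base64
from collections import defaultdict

# Constructed sample of `ldapsearch -x -LLL -b <suffix> "(objectClass=sambaDomain)"` output.
SAMPLE_LDIF = """\
dn: sambaDomainName=DOMAIN,dc=example,dc=org
objectClass: sambaDomain
sambaDomainName: DOMAIN
sambaSID: S-1-5-21-1111111111-2222222222-3333333333

dn: sambaDomainName=DOMAIN,ou=old,dc=example,dc=org
objectClass: sambaDomain
sambaDomainName:: RE9NQUlO
sambaSID: S-1-5-21-4444444444-5555555555-
 6666666666

dn: sambaDomainName=HOST,dc=example,dc=org
objectClass: sambaDomain
sambaDomainName: HOST
sambaSID: S-1-5-21-7777777777-8888888888-9999999999
"""

def parse_ldif(text):
    """Return one {attribute_lowercased: [values]} dict per LDIF entry."""
    unfolded = text.replace("\r\n", "\n").replace("\n ", "")  # undo LDIF line folding
    entries = []
    for block in unfolded.split("\n\n"):
        entry = defaultdict(list)
        for line in block.splitlines():
            attr, sep, rest = line.partition(":")
            if sep and not line.startswith("#"):
                b64 = rest.startswith(":")  # "attr:: <base64>" form
                value = base64.b64decode(rest[1:].strip()).decode() if b64 else rest.strip()
                entry[attr.lower()].append(value)
        if entry:
            entries.append(dict(entry))
    return entries

def duplicate_domains(entries):
    """Map domain name -> [(dn, sid), ...] where more than one sambaDomain entry exists."""
    by_name = defaultdict(list)
    for e in entries:
        if any(oc.lower() == "sambadomain" for oc in e.get("objectclass", [])):
            for name in e.get("sambadomainname", []):  # NetBIOS names are case-insensitive
                by_name[name.upper()].append((e["dn"][0], e.get("sambasid", ["?"])[0]))
    return {n: v for n, v in by_name.items() if len(v) > 1}

for name, hits in duplicate_domains(parse_ldif(SAMPLE_LDIF)).items():
    print(name, hits)
```

Comparing the reported SIDs against the one the domain members already use shows which entry is the stray one.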