[Samba] Samba bdc

Tomasz Chmielewski mangoo at mch.one.pl
Fri Jul 1 21:11:44 GMT 2005 

Scott Mayo schrieb:
> Tomasz Chmielewski wrote:
> 
>> Scott Mayo schrieb:
>>
>>> I have two serves set up.  One will be my PDC (master) and the other 
>>> will be my BDC (slave).  I have openldap setup and replicating the 
>>> data between the two servers.
>>>
>>> Everything seems to work fine from the Master, but I have one problem 
>>> with the slave.  From the slave, I can do an ldapsearch and everthing 
>>> is fine.  But when I do a 'pdbedit -L', I get the following:
>>>
>>> Unknown parameter encountered "ldap map suffix"
>>> Ignoring unknown parameter "ldap map suffix"
>>> failed to bind to server with dn="blah,blah"  Error: Can't contact 
>>> LDAP server (unknown)
>>> smbldap_search_suffix: Problem during the ldap search (unknown) Timed 
>>> out
>>>
>>> Everything works fine with any ldap command that I enter, so I assume 
>>> that it is something to do with samba.  Also,I can logon to the 
>>> Master server with a Windows client just fine.  If I take the Master 
>>> down and then try to login with my windows client, it tells me the 
>>> domain is not available.  I would have thought the BDC would have 
>>> taken over.  Any ideas what to look at?  I can post my conf files if 
>>> need be.
>>
>>
>>
>> It looks like the replication is configured (is it?), but not Samba.
>>
>> 1)
>> Do you see users added on PDC also on BDC?
>>
>> use "getent passwd" for that.
> 
> 
> Yes, that works.
> 
>>
>> 2)
>> Did you do "testparm"?
>> It will check your smb.conf for errors.
> 
> 
> Yes, everything seem to be alright there

well, that contradicts what you said before:


Unknown parameter encountered "ldap map suffix"
Ignoring unknown parameter "ldap map suffix"

> 
> 
>> 3)
>> BDC would take over domain logons (but not domain joins) only if it's 
>> configured properly.
>> In your case, it looks like it isn't.
> 
> 
> Any idea what I need to look at?  Strange thing is this:
> 
> I have a script that builds my login batch files on the go and saves 
> them in the netlogon directory.  If the PDC is up by itself, then it 
> works fine.  When I bring the BDC up and login with the client, it saves 
> the batch file to the BDC's netlogon directory.  But if I take down the 
> PDC then the client cannot login to the BDC.
> 
> I actually got it to where the 'pdbedit -L' works while the Master is 
> up, but if I take down the master then I get errors.

well, I'd do some more things.

1) set log level to 3 in smb.conf
2) stop Samba
3) remove logs from /var/log/samba
4) start Samba
5) see the logs if there are any indications about failures in 
contacting LDAP?
6) see BDC and PDC logs and search who the PDC *really* is (maybe BDC 
doesn't know it for some reason)?

7) can you add usernames/workstations from command line on BDC?

smbldap-useradd -w testworkstation

getent passwd


8) you might also want to stop Samba, remove all *.tdb files, and start 
it once again - make a backup of these files, I don't want to break 
anything in your setup :)


hmmm, that would be it for now?


-- 
Tomek
WPKG - deploy software to Windows workstations with Samba
http://wpkg.org

More information about the samba mailing list