[Samba] Re: net rpc vampire - cannot login to migrated computer
accounts
John H Terpstra
jht at samba.org
Sun Nov 13 16:41:29 GMT 2005
On Sunday 13 November 2005 09:21, Christoph Peus wrote:
> Christoph Peus wrote:
> > I've migrated our NT4 domain to sambe 3.0.20b/ldap backend with "net rpc
> > vampire", and nearly everything works as expected. But one big problem
> > remains: it's not possible to login to the domains member maschines now,
> > because "the domain is not available at the moment" (translated from
> > german). After the maschine rejoined the samba domain, login works. (But
> > this is not an option for our ~500 maschines...)
>
> I have to comment myself. I looked at the system eventlog of the client
> maschine and found the following error message from the netlogon service:
>
> "The domain of this computer (UNIWH) has been downgraded from Windows 2000
> or newer to Windows NT4 or older. This computer cannot function properly in
> this case for authentication purposes. This computer needs to rejoin the
> domain.
Corrent.
> The following error occurred: There are currently no logon servers
> available to service the logon request."
>
> Aha. That's a clear statement.
> It's true that the DC was downgraded from Windows 2000 to NT4, because the
> original domain is Windows 2000/AD runinng in mixed mode, but every
> reference to "net rpc vampire" and "AD in mixed mode" says that this works.
> Is it possible that "net rpc vampire" works only partially when used with
> AD/mixed mode?
The "net rpc vampire" migration process will migrate all accounts from ADS to
Samba-3 (NT4-style domain), but all machines will need to re-join the domain.
NT4 domain accounts can be migrated without need for domain members to be
rejoined to the domain. The "net rpc vampire" is inherently an NT4-style
migration process.
Samba-3 is not capable of being an ADS server, hence the need for domain
members to be re-joined to the domain.
> BTW: I'm not the first to encounter this problem. Another samba user (Kang
> Sun) reported exactly the same problem about a year ago, but didn't get an
> answer.
The mailing list is a subscriber supported facility. If anyone has an urgent
need for answers they should obtain paid support. Please refer to the Samba
web site for information regarding paid support sources.
Cheers,
John T.
More information about the samba
mailing list