[Samba] Promoting Samba BDC to PDC
Pavan krishna
p.krishna at diversityarrays.com
Thu Nov 17 22:49:39 GMT 2005
Hi Adrian,
Thank you for your reply. Yeah i have done what you have
described already, but the problem is that my client machine is not able
to detect the BDC, though my testparm on the BDC shows me no errors. And
yes the LDAP administrative password is stored in secrets.tdb else i
cannot join my client machine to the domain and cannot even make changes
to the ldapsam database with the admindn user.
Do you think i need to add something else on the Samba BDC file,
following are my configuration settings for the BDC using the replicated
ldapsam database.
[global]
workgroup = testdom
interfaces = 127.0.0.1/255.255.255.0 192.168.9.238
printing = cups
printcap name = cups
printer admin = @ntadmin, root, administrator
map to guest = Bad User
security = user
encrypt passwords = yes
allow trusted domains = yes
server string = Samba Server
add machine script = /usr/sbin/useradd -c Machine -d
/var/lib/nobody -s /bin/false %m$
domain master = no
admin users = root
hosts allow=192.168.9. 255.255.255. localhost
remote announce=192.168.9.255
domain logons = yes
preferred master=no
enhanced browsing=yes
local master = yes
unix password sync = no
passwd program = /bin/passwd %u
ldap passwd sync = yes
ldap delete dn = no
pam password change = yes
preferred master = yes
os level = 65
ldap suffix = dc=dart,dc=com
ldap user suffix = ou=People
ldap group suffix = ou=Group
passdb backend = ldapsam:ldap://localhost
netbios name = dartlinux
username map = /etc/samba/smbusers
logon home = \\%L\%U\.profile
logon drive = H:
logon path = \\%L\profiles\%U
logon script = netlogon.bat
wins support = yes
log file = /var/log/samba/log.%m
log level = 5
ldap admin dn = uid=root,ou=People,dc=dart,dc=com
idmap backend = ldap:ldap://localhost
ldap idmap suffix = ou=Idmap
ldap machine suffix = ou=Computers
thanks,
pavan.
adrian sender wrote:
> Hello Pavan
>
> Firstly have you been following the samba guide - Samba 3 by example
> by John Terpstra.
>
> Chapter 5.
>
> You must now set the LDAP administrative password into the Samba-3
> secrets.tdb file by executing this command:
>
> root# smbpasswd -w not24get
> Setting stored password for "cn=Manager,dc=abmas,dc=biz" in secrets.tdb
>
>
> Now you must obtain the domain SID from the PDC and store it into the
> secrets.tdb file also. This step is not necessary with an LDAP passdb
> backend because Samba-3 obtains the domain SID from the sambaDomain
> object it automatically stores in the LDAP backend. It does not hurt
> to add the SID to the secrets.tdb, and if you wish to do so, this
> command can achieve that:
>
> root# net rpc getsid MEGANET2
> Storing SID S-1-5-21-3504140859-1010554828-2431957765 \
> for Domain MEGANET2 in secrets.tdb
>
> Regards,
>
> Adrian Sender.
>
>
> -------------------------------------------------------------------------------
>
> Hi All,
>
> Has any one got an idea of how to make clients automatically
> find the BDC when the PDC is stopped. Both PDC and BDC are running by
> Samba authenticating again a LDAPSAM backend replicated on both the
> PDC with master LDAP database and BDC with replicated LDAP database.
> But when I stop PDC the clients are not detecting the BDC broadcast. I
> can see that the replication is of the OpenLDAP data is perfect.
>
> Any idea of where i may be wrong??
>
> thankx in advance.
>
> pavan.
> ---------------------------------------------------------------------------
>
>
>
--
Pavan Krishna L
Systems Administrator
Diversity Arrays Technology Pty Ltd
Ph: +61 2 6281 8512
Fax: +61 2 6281 8533
Mob: +61 423 411 281
More information about the samba
mailing list