[Samba] Samba as domain controller
Bruno Guerreiro
bruno.guerreiro at ine.pt
Wed Jan 11 09:35:27 GMT 2006
Hi,
> -----Original Message-----
> From: Andreas Fladischer [mailto:andreas.fladischer at ecofinance.com]
> Sent: quarta-feira, 11 de Janeiro de 2006 9:26
> To: samba at lists.samba.org
> Subject: [Samba] Samba as domain controller
>
> hi at all!
>
> i set up a system where samba is a primary and a secondary
> domain controller; the authentication is over ldap and
> everything works fine but....
>
> i would like to test what happen when the pdc is down and so
> i shutdown the smb service on the pdc. the logins from all
> clients worked well on the bdc but when i try to join a new
> machine to the domain, it can't contact the domain controller
> (ok because the pdc is down). my question is, wheather it is
> possible to configure the bdc so, that i can join to the
> domain when the pdc is down?
That's the normal behaviour on an NT Domain. When the PDC is no users can be
modified or machines added. The Domain enters a reand-only state. The only
way would be to "promote" the BDC to PDC.
> my second question is wheather it is possible, that all
> administrative users can join a new machine to the domain and
> not only the root user?
Yes, if using privileges you must set the SeMachineAccountPrivilege.
Something like
net rpc rights grant username SeMachineAccountPrivilege
Hope this helps,
Bruno Guerreiro
>
> with best regards
>
> Andreas
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/listinfo/samba
>
More information about the samba
mailing list