[Samba] Migrated PDC to new server
Matt Ingram
mingram at cbnco.com
Fri Jun 23 15:33:27 GMT 2006
I just migrated my SMB pdc to a new server (was running 3.0.21c, now
3.0.22). Some things seems to be ok. net rpc list; net rpc testjoin
seem to work. But if I attempt to join a windows system to the domain I
get "The following error occured while attempting to join to domain
"DOMAINNAME": The user name could not be found". The machine name is
getting loaded into ldap.
LDAP seems to be fine, getent passwd/group returns all the ldap users;
net groupmap list returns all the groups. I can shell in with ldap accounts/
I copied the old server's /etc/samba to the new server and I set the new
servers SID to be that of the old server.
Also, I have a logon script on my BDC and my PDC. The BDC script runs
on the client boot up, but the PDC one isn't running.
Any ideas?
SMB.CONF
[global]
workgroup = DOMAINNAME
netbios name = HOME
server string = HOME
passdb backend = ldapsam:ldap://ldap.domain
username map = /etc/samba/smbusers
printcap name = cups
enable privileges = Yes
log level = 2
add user script = /usr/local/sbin/smbldap-useradd -m '%u'
delete user script = /usr/local/sbin/smbldap-userdel %u
add group script = /usr/local/sbin/smbldap-groupadd -p '%g'
delete group script = /usr/local/sbin/smbldap-groupdel '%g'
add user to group script = /usr/local/sbin/smbldap-groupmod -m
'%u' '%g'
delete user from group script = /usr/local/sbin/smbldap-groupmod
-x '%u' '%g'
set primary group script = /usr/local/sbin/smbldap-usermod -g
'%g' '%u'
add machine script = /usr/local/sbin/smbldap-useradd -w '%u'
logon script = scripts\logon.bat
# logon path = \\%L\Profiles\%U
logon path =
logon drive = H:
logon home = \\%L\%U
domain logons = Yes
os level = 65
preferred master = Yes
domain master = Yes
wins server = 172.30.30.25
ldap suffix = ou=Accounts,dc=company,dc=com
ldap machine suffix = ou=Computers
ldap user suffix = ou=People
ldap group suffix = ou=Posix,ou=Groups
ldap idmap suffix = ou=idmap
ldap admin dn = cn=Manager,dc=company,dc=com
ldap ssl = no
ldap passwd sync = No
# idmap uid = 15000-20000
# idmap gid = 15000-20000
printing = cups
map acl inherit = Yes
here's my log.smbd when I tried to add the computer:
[2006/06/23 11:28:27, 2] smbd/sesssetup.c:setup_new_vc_session(772)
setup_new_vc_session: New VC == 0, if NT4.x compatible we would close
all old resources.
[2006/06/23 11:28:27, 2] smbd/sesssetup.c:setup_new_vc_session(772)
setup_new_vc_session: New VC == 0, if NT4.x compatible we would close
all old resources.
[2006/06/23 11:28:27, 2] lib/smbldap.c:smbldap_open_connection(722)
smbldap_open_connection: connection opened
[2006/06/23 11:28:27, 2] passdb/pdb_ldap.c:init_sam_from_ldap(640)
init_sam_from_ldap: Entry found for user: root
[2006/06/23 11:28:27, 2] passdb/pdb_ldap.c:init_group_from_ldap(2215)
init_group_from_ldap: Entry found for group: 512
[2006/06/23 11:28:27, 2] auth/auth.c:check_ntlm_password(307)
check_ntlm_password: authentication for user [Administrator] ->
[root] -> [root] succeeded
[2006/06/23 11:28:28, 2] smbd/server.c:exit_server(614)
Closing connections
[2006/06/23 11:28:28, 2] smbd/sesssetup.c:setup_new_vc_session(772)
setup_new_vc_session: New VC == 0, if NT4.x compatible we would close
all old resources.
[2006/06/23 11:28:28, 2] smbd/sesssetup.c:setup_new_vc_session(772)
setup_new_vc_session: New VC == 0, if NT4.x compatible we would close
all old resources.
[2006/06/23 11:28:28, 2] lib/smbldap.c:smbldap_open_connection(722)
smbldap_open_connection: connection opened
[2006/06/23 11:28:28, 2] passdb/pdb_ldap.c:init_sam_from_ldap(640)
init_sam_from_ldap: Entry found for user: root
[2006/06/23 11:28:28, 2] passdb/pdb_ldap.c:init_group_from_ldap(2215)
init_group_from_ldap: Entry found for group: 512
[2006/06/23 11:28:28, 2] auth/auth.c:check_ntlm_password(307)
check_ntlm_password: authentication for user [Administrator] ->
[root] -> [root] succeeded
[2006/06/23 11:28:29, 2] rpc_server/srv_samr_nt.c:_samr_lookup_domain(2670)
Returning domain sid for domain DOMAINNAME ->
S-1-5-21-3186883984-1813041273-1898769360
[2006/06/23 11:28:30, 2] smbd/server.c:exit_server(614)
Closing connections
thanks in advance.
--
Matt Ingram
Intermediate Unix Administrator, IS
Canadian Bank Note Company, Limited
\m/
More information about the samba
mailing list