[Samba] Migrated PDC to new server
Matt Ingram
mingram at cbnco.com
Wed Jun 28 18:33:45 GMT 2006
anyone ?
Matt Ingram wrote:
> I just migrated my SMB pdc to a new server (was running 3.0.21c, now
> 3.0.22). Some things seems to be ok. net rpc list; net rpc testjoin
> seem to work. But if I attempt to join a windows system to the domain
> I get "The following error occured while attempting to join to domain
> "DOMAINNAME": The user name could not be found". The machine name is
> getting loaded into ldap.
>
> LDAP seems to be fine, getent passwd/group returns all the ldap users;
> net groupmap list returns all the groups. I can shell in with ldap
> accounts/
>
> I copied the old server's /etc/samba to the new server and I set the
> new servers SID to be that of the old server.
>
> Also, I have a logon script on my BDC and my PDC. The BDC script runs
> on the client boot up, but the PDC one isn't running.
>
> Any ideas?
>
> SMB.CONF
> [global]
> workgroup = DOMAINNAME
> netbios name = HOME
> server string = HOME
> passdb backend = ldapsam:ldap://ldap.domain
> username map = /etc/samba/smbusers
> printcap name = cups
> enable privileges = Yes
> log level = 2
> add user script = /usr/local/sbin/smbldap-useradd -m '%u'
> delete user script = /usr/local/sbin/smbldap-userdel %u
> add group script = /usr/local/sbin/smbldap-groupadd -p '%g'
> delete group script = /usr/local/sbin/smbldap-groupdel '%g'
> add user to group script = /usr/local/sbin/smbldap-groupmod -m
> '%u' '%g'
> delete user from group script =
> /usr/local/sbin/smbldap-groupmod -x '%u' '%g'
> set primary group script = /usr/local/sbin/smbldap-usermod -g
> '%g' '%u'
> add machine script = /usr/local/sbin/smbldap-useradd -w '%u'
> logon script = scripts\logon.bat
> # logon path = \\%L\Profiles\%U
> logon path =
> logon drive = H:
> logon home = \\%L\%U
> domain logons = Yes
> os level = 65
> preferred master = Yes
> domain master = Yes
> wins server = 172.30.30.25
> ldap suffix = ou=Accounts,dc=company,dc=com
> ldap machine suffix = ou=Computers
> ldap user suffix = ou=People
> ldap group suffix = ou=Posix,ou=Groups
> ldap idmap suffix = ou=idmap
> ldap admin dn = cn=Manager,dc=company,dc=com
> ldap ssl = no
> ldap passwd sync = No
> # idmap uid = 15000-20000
> # idmap gid = 15000-20000
> printing = cups
> map acl inherit = Yes
>
>
> here's my log.smbd when I tried to add the computer:
>
> [2006/06/23 11:28:27, 2] smbd/sesssetup.c:setup_new_vc_session(772)
> setup_new_vc_session: New VC == 0, if NT4.x compatible we would close
> all old resources.
> [2006/06/23 11:28:27, 2] smbd/sesssetup.c:setup_new_vc_session(772)
> setup_new_vc_session: New VC == 0, if NT4.x compatible we would close
> all old resources.
> [2006/06/23 11:28:27, 2] lib/smbldap.c:smbldap_open_connection(722)
> smbldap_open_connection: connection opened
> [2006/06/23 11:28:27, 2] passdb/pdb_ldap.c:init_sam_from_ldap(640)
> init_sam_from_ldap: Entry found for user: root
> [2006/06/23 11:28:27, 2] passdb/pdb_ldap.c:init_group_from_ldap(2215)
> init_group_from_ldap: Entry found for group: 512
> [2006/06/23 11:28:27, 2] auth/auth.c:check_ntlm_password(307)
> check_ntlm_password: authentication for user [Administrator] ->
> [root] -> [root] succeeded
> [2006/06/23 11:28:28, 2] smbd/server.c:exit_server(614)
> Closing connections
> [2006/06/23 11:28:28, 2] smbd/sesssetup.c:setup_new_vc_session(772)
> setup_new_vc_session: New VC == 0, if NT4.x compatible we would close
> all old resources.
> [2006/06/23 11:28:28, 2] smbd/sesssetup.c:setup_new_vc_session(772)
> setup_new_vc_session: New VC == 0, if NT4.x compatible we would close
> all old resources.
> [2006/06/23 11:28:28, 2] lib/smbldap.c:smbldap_open_connection(722)
> smbldap_open_connection: connection opened
> [2006/06/23 11:28:28, 2] passdb/pdb_ldap.c:init_sam_from_ldap(640)
> init_sam_from_ldap: Entry found for user: root
> [2006/06/23 11:28:28, 2] passdb/pdb_ldap.c:init_group_from_ldap(2215)
> init_group_from_ldap: Entry found for group: 512
> [2006/06/23 11:28:28, 2] auth/auth.c:check_ntlm_password(307)
> check_ntlm_password: authentication for user [Administrator] ->
> [root] -> [root] succeeded
> [2006/06/23 11:28:29, 2]
> rpc_server/srv_samr_nt.c:_samr_lookup_domain(2670)
> Returning domain sid for domain DOMAINNAME ->
> S-1-5-21-3186883984-1813041273-1898769360
> [2006/06/23 11:28:30, 2] smbd/server.c:exit_server(614)
> Closing connections
>
> thanks in advance.
>
>
>
>
--
Matt Ingram
Intermediate Unix Administrator, IS
Canadian Bank Note Company, Limited
\m/
More information about the samba
mailing list