[Samba] Migrated PDC to new server

Matt Ingram mingram at cbnco.com
Wed Jun 28 18:33:45 GMT 2006 

anyone ?

Matt Ingram wrote:
> I just migrated my SMB pdc to a new server (was running 3.0.21c, now 
> 3.0.22).  Some things seems to be ok. net rpc list; net rpc testjoin 
> seem to work. But if I attempt to join a windows system to the domain 
> I get "The following error occured while attempting to join to domain 
> "DOMAINNAME": The user name could not be found".   The machine name is 
> getting loaded into ldap.
>
> LDAP seems to be fine, getent passwd/group returns all the ldap users; 
> net groupmap list returns all the groups. I can shell in with ldap 
> accounts/
>
> I copied the old server's /etc/samba to the new server and I set the 
> new servers SID to be that of the old server.
>
> Also, I have a logon script on my BDC and my PDC.  The BDC script runs 
> on the client boot up, but the PDC one isn't running.
>
> Any ideas?
>
> SMB.CONF
> [global]
>        workgroup = DOMAINNAME
>        netbios name = HOME
>        server string = HOME
>        passdb backend = ldapsam:ldap://ldap.domain
>        username map = /etc/samba/smbusers
>        printcap name = cups
>        enable privileges = Yes
>        log level = 2
>        add user script = /usr/local/sbin/smbldap-useradd -m '%u'
>        delete user script = /usr/local/sbin/smbldap-userdel %u
>        add group script = /usr/local/sbin/smbldap-groupadd -p '%g'
>        delete group script = /usr/local/sbin/smbldap-groupdel '%g'
>        add user to group script = /usr/local/sbin/smbldap-groupmod -m 
> '%u' '%g'
>        delete user from group script = 
> /usr/local/sbin/smbldap-groupmod -x '%u' '%g'
>        set primary group script = /usr/local/sbin/smbldap-usermod -g 
> '%g' '%u'
>        add machine script = /usr/local/sbin/smbldap-useradd -w '%u'
>        logon script = scripts\logon.bat
> #       logon path = \\%L\Profiles\%U
>        logon path =
>        logon drive = H:
>        logon home = \\%L\%U
>        domain logons = Yes
>        os level = 65
>        preferred master = Yes
>        domain master = Yes
>        wins server = 172.30.30.25
>        ldap suffix = ou=Accounts,dc=company,dc=com
>        ldap machine suffix = ou=Computers
>        ldap user suffix = ou=People
>        ldap group suffix = ou=Posix,ou=Groups
>        ldap idmap suffix = ou=idmap
>        ldap admin dn = cn=Manager,dc=company,dc=com
>        ldap ssl = no
>        ldap passwd sync = No
> #       idmap uid = 15000-20000
> #       idmap gid = 15000-20000
>        printing = cups
>        map acl inherit = Yes
>
>
> here's my log.smbd when I tried to add the computer:
>
> [2006/06/23 11:28:27, 2] smbd/sesssetup.c:setup_new_vc_session(772)
>  setup_new_vc_session: New VC == 0, if NT4.x compatible we would close 
> all old resources.
> [2006/06/23 11:28:27, 2] smbd/sesssetup.c:setup_new_vc_session(772)
>  setup_new_vc_session: New VC == 0, if NT4.x compatible we would close 
> all old resources.
> [2006/06/23 11:28:27, 2] lib/smbldap.c:smbldap_open_connection(722)
>  smbldap_open_connection: connection opened
> [2006/06/23 11:28:27, 2] passdb/pdb_ldap.c:init_sam_from_ldap(640)
>  init_sam_from_ldap: Entry found for user: root
> [2006/06/23 11:28:27, 2] passdb/pdb_ldap.c:init_group_from_ldap(2215)
>  init_group_from_ldap: Entry found for group: 512
> [2006/06/23 11:28:27, 2] auth/auth.c:check_ntlm_password(307)
>  check_ntlm_password:  authentication for user [Administrator] -> 
> [root] -> [root] succeeded
> [2006/06/23 11:28:28, 2] smbd/server.c:exit_server(614)
>  Closing connections
> [2006/06/23 11:28:28, 2] smbd/sesssetup.c:setup_new_vc_session(772)
>  setup_new_vc_session: New VC == 0, if NT4.x compatible we would close 
> all old resources.
> [2006/06/23 11:28:28, 2] smbd/sesssetup.c:setup_new_vc_session(772)
>  setup_new_vc_session: New VC == 0, if NT4.x compatible we would close 
> all old resources.
> [2006/06/23 11:28:28, 2] lib/smbldap.c:smbldap_open_connection(722)
>  smbldap_open_connection: connection opened
> [2006/06/23 11:28:28, 2] passdb/pdb_ldap.c:init_sam_from_ldap(640)
>  init_sam_from_ldap: Entry found for user: root
> [2006/06/23 11:28:28, 2] passdb/pdb_ldap.c:init_group_from_ldap(2215)
>  init_group_from_ldap: Entry found for group: 512
> [2006/06/23 11:28:28, 2] auth/auth.c:check_ntlm_password(307)
>  check_ntlm_password:  authentication for user [Administrator] -> 
> [root] -> [root] succeeded
> [2006/06/23 11:28:29, 2] 
> rpc_server/srv_samr_nt.c:_samr_lookup_domain(2670)
>  Returning domain sid for domain DOMAINNAME -> 
> S-1-5-21-3186883984-1813041273-1898769360
> [2006/06/23 11:28:30, 2] smbd/server.c:exit_server(614)
>  Closing connections
>
> thanks in advance.
>
>
>
>

-- 
Matt Ingram
Intermediate Unix Administrator, IS
Canadian Bank Note Company, Limited
\m/

More information about the samba mailing list