[Samba] Migrated PDC to new server

Marcin Giedz marcin.giedz at altvision.pl
Wed Jun 28 18:45:10 GMT 2006 

Matt Ingram napisał(a):
> anyone ?
What about the particular machine log file - the one you've been trying 
to login from? What does he say? Because log.smbd is not a place to find 
what is wrong. As I remember I had something similar...but need more 
details.

Regards,
Marcin
>
> Matt Ingram wrote:
>> I just migrated my SMB pdc to a new server (was running 3.0.21c, now 
>> 3.0.22). Some things seems to be ok. net rpc list; net rpc testjoin 
>> seem to work. But if I attempt to join a windows system to the domain 
>> I get "The following error occured while attempting to join to domain 
>> "DOMAINNAME": The user name could not be found". The machine name is 
>> getting loaded into ldap.
>>
>> LDAP seems to be fine, getent passwd/group returns all the ldap 
>> users; net groupmap list returns all the groups. I can shell in with 
>> ldap accounts/
>>
>> I copied the old server's /etc/samba to the new server and I set the 
>> new servers SID to be that of the old server.
>>
>> Also, I have a logon script on my BDC and my PDC. The BDC script runs 
>> on the client boot up, but the PDC one isn't running.
>>
>> Any ideas?
>>
>> SMB.CONF
>> [global]
>> workgroup = DOMAINNAME
>> netbios name = HOME
>> server string = HOME
>> passdb backend = ldapsam:ldap://ldap.domain
>> username map = /etc/samba/smbusers
>> printcap name = cups
>> enable privileges = Yes
>> log level = 2
>> add user script = /usr/local/sbin/smbldap-useradd -m '%u'
>> delete user script = /usr/local/sbin/smbldap-userdel %u
>> add group script = /usr/local/sbin/smbldap-groupadd -p '%g'
>> delete group script = /usr/local/sbin/smbldap-groupdel '%g'
>> add user to group script = /usr/local/sbin/smbldap-groupmod -m '%u' '%g'
>> delete user from group script = /usr/local/sbin/smbldap-groupmod -x 
>> '%u' '%g'
>> set primary group script = /usr/local/sbin/smbldap-usermod -g '%g' '%u'
>> add machine script = /usr/local/sbin/smbldap-useradd -w '%u'
>> logon script = scripts\logon.bat
>> # logon path = \\%L\Profiles\%U
>> logon path =
>> logon drive = H:
>> logon home = \\%L\%U
>> domain logons = Yes
>> os level = 65
>> preferred master = Yes
>> domain master = Yes
>> wins server = 172.30.30.25
>> ldap suffix = ou=Accounts,dc=company,dc=com
>> ldap machine suffix = ou=Computers
>> ldap user suffix = ou=People
>> ldap group suffix = ou=Posix,ou=Groups
>> ldap idmap suffix = ou=idmap
>> ldap admin dn = cn=Manager,dc=company,dc=com
>> ldap ssl = no
>> ldap passwd sync = No
>> # idmap uid = 15000-20000
>> # idmap gid = 15000-20000
>> printing = cups
>> map acl inherit = Yes
>>
>>
>> here's my log.smbd when I tried to add the computer:
>>
>> [2006/06/23 11:28:27, 2] smbd/sesssetup.c:setup_new_vc_session(772)
>> setup_new_vc_session: New VC == 0, if NT4.x compatible we would close 
>> all old resources.
>> [2006/06/23 11:28:27, 2] smbd/sesssetup.c:setup_new_vc_session(772)
>> setup_new_vc_session: New VC == 0, if NT4.x compatible we would close 
>> all old resources.
>> [2006/06/23 11:28:27, 2] lib/smbldap.c:smbldap_open_connection(722)
>> smbldap_open_connection: connection opened
>> [2006/06/23 11:28:27, 2] passdb/pdb_ldap.c:init_sam_from_ldap(640)
>> init_sam_from_ldap: Entry found for user: root
>> [2006/06/23 11:28:27, 2] passdb/pdb_ldap.c:init_group_from_ldap(2215)
>> init_group_from_ldap: Entry found for group: 512
>> [2006/06/23 11:28:27, 2] auth/auth.c:check_ntlm_password(307)
>> check_ntlm_password: authentication for user [Administrator] -> 
>> [root] -> [root] succeeded
>> [2006/06/23 11:28:28, 2] smbd/server.c:exit_server(614)
>> Closing connections
>> [2006/06/23 11:28:28, 2] smbd/sesssetup.c:setup_new_vc_session(772)
>> setup_new_vc_session: New VC == 0, if NT4.x compatible we would close 
>> all old resources.
>> [2006/06/23 11:28:28, 2] smbd/sesssetup.c:setup_new_vc_session(772)
>> setup_new_vc_session: New VC == 0, if NT4.x compatible we would close 
>> all old resources.
>> [2006/06/23 11:28:28, 2] lib/smbldap.c:smbldap_open_connection(722)
>> smbldap_open_connection: connection opened
>> [2006/06/23 11:28:28, 2] passdb/pdb_ldap.c:init_sam_from_ldap(640)
>> init_sam_from_ldap: Entry found for user: root
>> [2006/06/23 11:28:28, 2] passdb/pdb_ldap.c:init_group_from_ldap(2215)
>> init_group_from_ldap: Entry found for group: 512
>> [2006/06/23 11:28:28, 2] auth/auth.c:check_ntlm_password(307)
>> check_ntlm_password: authentication for user [Administrator] -> 
>> [root] -> [root] succeeded
>> [2006/06/23 11:28:29, 2] 
>> rpc_server/srv_samr_nt.c:_samr_lookup_domain(2670)
>> Returning domain sid for domain DOMAINNAME -> 
>> S-1-5-21-3186883984-1813041273-1898769360
>> [2006/06/23 11:28:30, 2] smbd/server.c:exit_server(614)
>> Closing connections
>>
>> thanks in advance.
>>
>>
>>
>>
>

More information about the samba mailing list