[Samba] Migrated PDC to new server

Matt Ingram mingram at cbnco.com
Wed Jun 28 20:04:21 GMT 2006 

 I don't currently have that sort of logging setup.  How do I get it to 
generate those independant machine logs ?


Matt.

Marcin Giedz wrote:
> Matt Ingram napisał(a):
>> anyone ?
> What about the particular machine log file - the one you've been 
> trying to login from? What does he say? Because log.smbd is not a 
> place to find what is wrong. As I remember I had something 
> similar...but need more details.
>
> Regards,
> Marcin
>>
>> Matt Ingram wrote:
>>> I just migrated my SMB pdc to a new server (was running 3.0.21c, now 
>>> 3.0.22). Some things seems to be ok. net rpc list; net rpc testjoin 
>>> seem to work. But if I attempt to join a windows system to the 
>>> domain I get "The following error occured while attempting to join 
>>> to domain "DOMAINNAME": The user name could not be found". The 
>>> machine name is getting loaded into ldap.
>>>
>>> LDAP seems to be fine, getent passwd/group returns all the ldap 
>>> users; net groupmap list returns all the groups. I can shell in with 
>>> ldap accounts/
>>>
>>> I copied the old server's /etc/samba to the new server and I set the 
>>> new servers SID to be that of the old server.
>>>
>>> Also, I have a logon script on my BDC and my PDC. The BDC script 
>>> runs on the client boot up, but the PDC one isn't running.
>>>
>>> Any ideas?
>>>
>>> SMB.CONF
>>> [global]
>>> workgroup = DOMAINNAME
>>> netbios name = HOME
>>> server string = HOME
>>> passdb backend = ldapsam:ldap://ldap.domain
>>> username map = /etc/samba/smbusers
>>> printcap name = cups
>>> enable privileges = Yes
>>> log level = 2
>>> add user script = /usr/local/sbin/smbldap-useradd -m '%u'
>>> delete user script = /usr/local/sbin/smbldap-userdel %u
>>> add group script = /usr/local/sbin/smbldap-groupadd -p '%g'
>>> delete group script = /usr/local/sbin/smbldap-groupdel '%g'
>>> add user to group script = /usr/local/sbin/smbldap-groupmod -m '%u' 
>>> '%g'
>>> delete user from group script = /usr/local/sbin/smbldap-groupmod -x 
>>> '%u' '%g'
>>> set primary group script = /usr/local/sbin/smbldap-usermod -g '%g' '%u'
>>> add machine script = /usr/local/sbin/smbldap-useradd -w '%u'
>>> logon script = scripts\logon.bat
>>> # logon path = \\%L\Profiles\%U
>>> logon path =
>>> logon drive = H:
>>> logon home = \\%L\%U
>>> domain logons = Yes
>>> os level = 65
>>> preferred master = Yes
>>> domain master = Yes
>>> wins server = 172.30.30.25
>>> ldap suffix = ou=Accounts,dc=company,dc=com
>>> ldap machine suffix = ou=Computers
>>> ldap user suffix = ou=People
>>> ldap group suffix = ou=Posix,ou=Groups
>>> ldap idmap suffix = ou=idmap
>>> ldap admin dn = cn=Manager,dc=company,dc=com
>>> ldap ssl = no
>>> ldap passwd sync = No
>>> # idmap uid = 15000-20000
>>> # idmap gid = 15000-20000
>>> printing = cups
>>> map acl inherit = Yes
>>>
>>>
>>> here's my log.smbd when I tried to add the computer:
>>>
>>> [2006/06/23 11:28:27, 2] smbd/sesssetup.c:setup_new_vc_session(772)
>>> setup_new_vc_session: New VC == 0, if NT4.x compatible we would 
>>> close all old resources.
>>> [2006/06/23 11:28:27, 2] smbd/sesssetup.c:setup_new_vc_session(772)
>>> setup_new_vc_session: New VC == 0, if NT4.x compatible we would 
>>> close all old resources.
>>> [2006/06/23 11:28:27, 2] lib/smbldap.c:smbldap_open_connection(722)
>>> smbldap_open_connection: connection opened
>>> [2006/06/23 11:28:27, 2] passdb/pdb_ldap.c:init_sam_from_ldap(640)
>>> init_sam_from_ldap: Entry found for user: root
>>> [2006/06/23 11:28:27, 2] passdb/pdb_ldap.c:init_group_from_ldap(2215)
>>> init_group_from_ldap: Entry found for group: 512
>>> [2006/06/23 11:28:27, 2] auth/auth.c:check_ntlm_password(307)
>>> check_ntlm_password: authentication for user [Administrator] -> 
>>> [root] -> [root] succeeded
>>> [2006/06/23 11:28:28, 2] smbd/server.c:exit_server(614)
>>> Closing connections
>>> [2006/06/23 11:28:28, 2] smbd/sesssetup.c:setup_new_vc_session(772)
>>> setup_new_vc_session: New VC == 0, if NT4.x compatible we would 
>>> close all old resources.
>>> [2006/06/23 11:28:28, 2] smbd/sesssetup.c:setup_new_vc_session(772)
>>> setup_new_vc_session: New VC == 0, if NT4.x compatible we would 
>>> close all old resources.
>>> [2006/06/23 11:28:28, 2] lib/smbldap.c:smbldap_open_connection(722)
>>> smbldap_open_connection: connection opened
>>> [2006/06/23 11:28:28, 2] passdb/pdb_ldap.c:init_sam_from_ldap(640)
>>> init_sam_from_ldap: Entry found for user: root
>>> [2006/06/23 11:28:28, 2] passdb/pdb_ldap.c:init_group_from_ldap(2215)
>>> init_group_from_ldap: Entry found for group: 512
>>> [2006/06/23 11:28:28, 2] auth/auth.c:check_ntlm_password(307)
>>> check_ntlm_password: authentication for user [Administrator] -> 
>>> [root] -> [root] succeeded
>>> [2006/06/23 11:28:29, 2] 
>>> rpc_server/srv_samr_nt.c:_samr_lookup_domain(2670)
>>> Returning domain sid for domain DOMAINNAME -> 
>>> S-1-5-21-3186883984-1813041273-1898769360
>>> [2006/06/23 11:28:30, 2] smbd/server.c:exit_server(614)
>>> Closing connections
>>>
>>> thanks in advance.
>>>
>>>
>>>
>>>
>>
>

-- 
Matt Ingram
Intermediate Unix Administrator, IS
Canadian Bank Note Company, Limited
\m/

More information about the samba mailing list