[Samba] Switching Ldap Servers

Jim Summers jsummers at cs.ou.edu
Tue May 9 14:14:46 GMT 2006

Hello List,

I am in the final throws of migrating our ldap servers.  I have been running 
samba as a pdc and using the ldap as the backend for over a year, and all is well.

I was testing the samba pdc against the new ldap servers and got the following 
errors in the log file for the machine attempting to connect:

net_auth2: creds_server_check failed

and the machine (xp) will not successfully connect/bind.

- I am running samba-3.0.22
- I have changed the password stored in the secrets file to match the new ldap 
admin DN, but that didn't help.
- All of the ldap entries were simply migrated over from the existing ldap to 
the new ldap.
- I can use smbclient and successfully get to a share.

I did see where one person was getting this error and I believe was able to 
remove the machine and then rejoin the domain.  Which led me to believe that 
possibly a SID or some descriptor has changed when I changed the password in 
the secrets file for the ldap manager DN.

I also have some standalone machines that simply map a share.  Will those 
continue to work?  My guess was yes since the smbclient is working and this 
seems to be machine bind issue.

I only have a small window each day to test and was hoping to be close to 
figuring this out before my next attempt.

Any tips / suggestions?

Jim Summers
School of Computer Science-University of Oklahoma

More information about the samba mailing list