[Samba] netlogon initially fails after moving samba server to new machine.

David Mathog mathog at caltech.edu
Tue Sep 12 18:42:09 GMT 2006

Yesterday I migrated a Samba server from one machine running
Samba 3.0.13 (on Mandrake 10.0) to another running 3.0.20-3
(on Mandriva 2006).  The contents of:

 /etc/samba/*   (all the .conf files)
 /usr/local/samba/private/*  (secrets.pdb, smbpasswd)

were moved intact from one machine to the other, as was all
of the user data.  I even checked md5sums - no changes to any
of the samba files.  Then the new machine
was given the old machine's IP address and vice versa.  Reboot both
machines, start Samba on the new one, leave it off on the original
server. The firewall configuration
is identical on the two machines.

Verified that windows explorer (run as administrator on a test
machine) can mount any user (domain\username) without a problem.

One would think that the XP clients could then logon to the domain,
which moved intact to the new machine.  But no.  Attempts to login
to the domain failed until the following steps were taken on one

1.  login as administrator on the client.
2.  remove the client machine from the domain.
3.  reboot the client machine.
4.  smbpasswd -m -x clientname
5.  smbpasswd -m -a clientname
6.  login as administrator on the client.
7.  add the client to the domain.
8.  reboot the client.

After that I could login on that client, but logins on the other
clients say this:

Windows did not load your roaming profile and is attempting to log you
on with your local profile. Changes to the profile will not be copied to
the server when you logoff. Windows did not load your profile because a
server copy of the profile folder already exists that does not have the
correct security. Either the current user or the Administrator's group
must be the owner of the folder. Contact your network administrator. 

(Whether or not a local profile actually exists.)

I'm guessing that this too will go away once the second machine
is removed/added to the domain.  Testing...  Yes, that's true.

This is all very strange to me.  The only thing that the client
can see that differs between yesterday and today, near as I can tell,
is the MAC of the server. They are all on the same subnet, so
the client can see the MAC.  Else, how does the XP client realize
the server has changed and fail to logon?

This is only a minor PITA for me, since there are only 8 clients
involved.  It would be really painful though for a site with
hundreds of clients.


David Mathog
mathog at caltech.edu
Manager, Sequence Analysis Facility, Biology Division, Caltech

More information about the samba mailing list