[Samba] maybe I should explain what i am after!

Fri Aug 3 23:36:08 GMT 2007

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

joop gerritse wrote, On 03-08-2007 16:07:
> I started just copying the smb.conf from the primary 
> controller, and setting the priority somewhat lower.
> I assumed that it would just lose the election from
> the PDC, and still stay present, and available.

	No, that's not //just// like that. You need to
change a few options in order to get the PDC/BDC expected
behaviour.


> I am aware of the difficulties of keeping the user 
> directories in sync; this would, in due course, require
> LDAP, but for the moment I decided that the user
> population is quite stable, so I just copy /etc/passwd
> and /etc/shadow and smbpasswd over in the --rare-- event
> that a user is added or removed.

	In fact, filesystem sync and account sync are two
different problems, they are related but not dependent.
You could use vampire or tdbsam or winbind or LDAP to keep
accounts in sync.


> 1. It is quite hard to even make the second controller 
> visible. In fact, I had to include a remote announce =
> <Ip address of PDC>/<workgroup name> line before it even
> showed up in Network Environment. And I am quite unsure
> whether this is the right way, it just worked, to some 
> extent.

	No, it is not. You should use a WINS server,
probably on the PDC, and properly use other paramenters
in smb.conf like 'local master' and 'preferred master'.


> 2. I am not sure whether the backup domain controller 
> will function as such. How could I be?

	Did you check the Official Samba HOWTO? Specially
the Domain Control chapter?

http://samba.org/samba/docs/man/Samba-HOWTO-Collection/ServerType.html#id327269
http://samba.org/samba/docs/man/Samba-HOWTO-Collection/samba-pdc.html


> If I take down the primary I might find out, but the 
> server is too critical for the whole organization to
> just try. How can I make sure that a BDC will work
> without taking down the PDC?

	First of all, you should use the right commands
and configuration options (man smb.conf) and you can
use a small network for the BDC, change a workstation
from PDC network to BDC one and see if it works.


> 3. And then there is the irregular behavior which I 
> mentioned before. Sometimes the host is visible, but
> the shares are inaccessible; sometimes I can even get
> a view of the shares, but I cannot access them. In
> addition, i have a far simpler configuration at home,
> where I can just read and write to the shares. So I
> know it can be done, but what are the rules?

	Samba needs some care and attention, specially
on special cases like PDC/BDC, the Samba By Example is
also a good read to understad real case scenarios.

http://samba.org/samba/docs/man/Samba-Guide/


> And I am no Windows expert. I know quite a lot about 
> Linux, but the apparent (lack of) logic in Windows
> baffles me.
> 
> That is the background. Maybe it helps to get the 
> right answers. thanks in advance for any attempts.
> 
> BTW I am quite happy with an RTFM answer, as long as 
> it's accompanied with a URL. I have read quite a few
> FMs, but so far without real enlightenment...

	This is not exactly a RTFM, but you will need to give
us more information if you really want help, smb.conf, logs
and better subject lines would be a great improvement.

	Kind regards,
- --
Felipe Augusto van de Wiel <felipe at paranacidade.org.br>
Coordenadoria de Tecnologia da Informação (CTI) - SEDU/PARANACIDADE
http://www.paranacidade.org.br/           Phone: (+55 41 3350 3300)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFGs7voCj65ZxU4gPQRCKGZAJ9WTXlq4h3te/i6GQcmtXrpDEhwiwCfaeGQ
+AChFqanodOyAjCBYF6uZL8=
=Y8nE
-----END PGP SIGNATURE-----