[Samba] PDC problems

Jason Baker jbaker at glastender.com
Wed May 2 13:42:02 GMT 2007 

I have a Samba PDC, running on Centos 4. The samba version is 
3.0.23d.30. I have an LDAP backend. Everything seems to be running fine. 
I recently configured a BDC, to help with load balancing and to act as a 
backup in the event the PDC went down. Before I installed the PDC, when 
a new user logged into the domain, their home directory on the PDC was 
automatically mapped to the drive letter U. Now that the BDC is running, 
when a new user logs into the domain, their home directory is 
automatically mapped to U, but it points to their home directory on the 
BDC and not the PDC. This created a problem at first because there were 
no home directories on the BDC. I mounted all home directories from the 
PDC to the BDC and it works fine, but why is the BDC the default home 
when a user logs in? Also, when a new user logs in, their login script 
is being pulled from the netlogon share on the BDC and not the PDC, so I 
had to make a copy of the netlogon directory from the PDC to the BDC. 
I'm assuming that I have something configured incorrectly. I have 
included the samba conf files from both PDC and BDC.

PDC Samba Conf:
[global]
        unix charset = LOCALE
        workgroup = mydomain
        netbios name = PDC
        server string = Domain Controller running %v
        interfaces = eth1, lo
        bind interfaces only = yes
        os level = 255
        preferred master = yes
        local master = yes
        domain master = yes
        security = user
        time server = yes
        username map = /etc/samba/smbusers
        wins support = yes
        encrypt passwords = yes
        pam password change = yes
        name resolve order = wins bcast hosts
        winbind nested groups = no
        passdb backend = ldapsam:"ldap://127.0.0.1 ldap://BDC"
        ldap passwd sync = Yes
        ldap suffix = dc=mydomain,dc=com
        ldap admin dn = cn=Manager,dc=mydomain,dc=com
        ldap ssl = no
        ldap group suffix = ou=Groups
        ldap user suffix = ou=People
        ldap machine suffix = ou=People
        ldap idmap suffix = ou=Idmap
        idmap backend = ldap:ldap://127.0.0.1/
        idmap uid = 10000-20000
        idmap gid = 10000-20000
        map acl inherit = yes
        add user script = /etc/smbldap-tools/smbldap-useradd -m "%u"
        #delete user script = /etc/smbldap-tools/smbldap-userdel "%u"
        add machine script = /etc/smbldap-tools/smbldap-useradd -w "%u"
        add group script = /etc/smbldap-tools/smbldap-groupadd -p "%g"
        #delete group script = /etc/smbldap-tools/smbldap-groupdel "%g"
        add user to group script = /etc/smbldap-tools/smbldap-groupmod 
-m "%u" "%g"
        delete user from group script = 
/etc/smbldap-tools/smbldap-groupmod -x "%u" "%g"
        set primary group script = /etc/smbldap-tools/smbldap-usermod -g 
"%g" "%u"
        domain logons = yes
        log file = /var/log/samba/log.%m
        log level = 1
        syslog = 0
        max log size = 50
        #smb ports = 139 445
        smb ports = 139
        hosts allow = 127.0.0.1 172.16.0.0/255.255.0.0
        # User profiles and home directories
        logon drive = U:
        logon path = \\%L\profiles\%U
        logon script = %U.bat
        large readwrite = no
        read raw = no
        write raw = no
        printcap name = /etc/printcap
        load printers = no
        printing =
        template shell = /bin/false
        winbind use default domain = no

BDC Samba Conf.
[global]
        unix charset = LOCALE
        workgroup = mydomain
        server string =  Backup Domain Controller
        security = domain
        username map = /etc/samba/smbusers
        log level = 1
        syslog = 0
        log file = /var/log/samba/%m.log
        max log size = 50
        smb ports = 139
        name resolve order = wins bcast hosts
        wins server = 172.16.24.7
        ldap suffix = dc=mydomain,dc=com
        ldap machine suffix = ou=People
        ldap user suffix = ou=People
        ldap group suffix = ou=Groups
        ldap idmap suffix = ou=Idmap
        ldap admin dn = cn=Manager,dc=mydomain,dc=com
        idmap backend = ldap:ldap://PDC
        idmap uid = 10000-20000
        idmap gid = 10000-20000
        winbind trusted domains only = yes
        password server = 172.16.24.7
        template shell = /bin/false
        domain master = no
        local master = no
        os level = 0
        preferred master = no
        winbind use default domain = no
        veto oplock files = /*.mbd/
        large readwrite = no
        read raw = no
        write raw = no 
        printcap name = /etc/printcap
        load printers = no
        printing =

-- 

*Jason Baker
*/IT Coordinator/


*Glastender Inc.*
5400 North Michigan Road
Saginaw, Michigan 48604 USA
800.748.0423
Phone: 989.752.4275 ext. 228
Fax: 989.752.4444
www.glastender.com <http://www.glastender.com>

-----BEGIN GEEK CODE BLOCK----- 
Version: 3.1
GIT$ d- s: a C++$ LU+++$ P+ L++>L++++ !E--- W+++ N o? K?
w !O M !V PS PE++ Y? PGP- t 5? X+ R+ tv+ b- DI-- D++ G e+ h--- 
r+++ y+++
------END GEEK CODE BLOCK------

More information about the samba mailing list