[Samba] BDC keeps taking over and not allowing logins from NT PDC
Pat Riehecky
prieheck at iwu.edu
Fri May 11 16:29:25 GMT 2007
Hello, thanks for looking over my ramblings...
We have an NT4 PDC with and NT4 BDC on 192.168.132.X, these boxes are
very very old and overloaded. I am trying to replace them with a nice
shinny new Samba box. My problem is that while I am trying to test it
out to make sure it plays nice it keeps winning the elections.
I find this weird as I have set the box to domain master = no and turned
the os level and announce values to really low values.
When it does win no one can login to the domain (and therefore their
workstations) and I have to stop samba to get users back logging in and
able to work.
I joined it to the domain via:
net rpc join -S [NT netbios name or IP] -UAdministrator%password
I got BDC rights and ran:
# net rpc vampire -S [NT netbios name or IP] -W [domainname]
-UAdministrator%password
About the time that users reported login problems I got lots of copies
of
[2007/05/11 08:01:14, 0] lib/util_sock.c:get_peer_addr(1225)
getpeername failed. Error was Transport endpoint is not connected
in /var/log/log.smbd
To add further complexity the samba box is on a 10. address while the
PDC and BDC are on 192.168. addresses. Is this a problem?
Any ideas why it is winning the election, why users cannot login to
their systems, is my switch to a different address space a problem?
Thanks!
-- data snippets --
# ping 192.168.132.15
PING 192.168.132.15 (192.168.132.15) 56(84) bytes of data.
64 bytes from 192.168.132.15: icmp_seq=1 ttl=127 time=0.282 ms
64 bytes from 192.168.132.15: icmp_seq=2 ttl=127 time=0.228 ms
64 bytes from 192.168.132.15: icmp_seq=3 ttl=127 time=0.240 ms
--- 192.168.132.15 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 1998ms
rtt min/avg/max/mdev = 0.228/0.250/0.282/0.023 ms
# pdbedit -Lv prieheck
Unix username: prieheck
NT username: prieheck
Account Flags: [UX ]
User SID: S-1-5-21-769903590-661906358-2446119016-1958
Primary Group SID: S-1-5-21-769903590-661906358-2446119016-513
Full Name: Pat Riehecky
Home Directory: \\files\prieheck
HomeDir Drive:
Logon Script:
Profile Path: \\files\prieheck\profile
Domain: IWUADMIN
Account desc:
Workstations:
Munged dial:
Logon time: 0
Logoff time: Mon, 18 Jan 2038 21:14:07 CST
Kickoff time: Mon, 18 Jan 2038 21:14:07 CST
Password last set: Fri, 30 Mar 2007 09:00:41 CDT
Password can change: 0
Password must change: Mon, 18 Jan 2038 21:14:07 CST
Last bad password : 0
Bad password count : 0
Logon hours : FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
# testparm
[global]
display charset = UTF8
workgroup = IWUADMIN
server string = %h server (Samba, Ubuntu)
announce version = 2.0
announce as = win95
os level = 0
obey pam restrictions = Yes
passdb backend = tdbsam
algorithmic rid base = 10000
passwd program = /usr/bin/passwd %u
passwd chat = *Enter\snew\sUNIX\spassword:* %n\n *Retype\snew
\sUNIX\spassword:* %n\n *password\supdated\ssuccessfully* .
username map = /etc/samba/users.map
restrict anonymous = 2
lanman auth = No
client NTLMv2 auth = Yes
client lanman auth = No
client plaintext auth = No
log level = 1
syslog = 0
log file = /var/log/samba/log.%m
max log size = 1000
min protocol = NT1
max mux = 100
change notify timeout = 300
deadtime = 900
max disk size = 5240
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
SO_KEEPALIVE IPTOS_LOWDELAY
load printers = No
add user script = /usr/sbin/adduser --quiet --disabled-password
--gecos "" %u
delete user script = /usr/sbin/userdel -r '%u'
add group script = /usr/sbin/groupadd '%g'
delete group script = /usr/sbin/groupdel '%g'
add user to group script = /usr/sbin/usermod -G '%g' '%u'
add machine script = /usr/sbin/useradd -s /bin/false
-d /dev/null '%u'
lm announce = No
preferred master = No
domain master = No
wins server = 192.168.132.25
panic action = /usr/share/samba/panic-action %d
invalid users = backup, bin, daemon, dhcp, games, gnats, irc,
klog, list, lp, mail, man, news, nobody, postfix, proxy, sync, sys,
syslog, uucp, www-data, root
hosts allow = 192.168.132., 10., 172.16.1., 127.0.0.1
remote announce = 192.168.132.255/IWUADMIN
[homes]
comment = Home Directories
valid users = %S
browseable = No
[netlogon]
comment = Network Logon Service
path = /home/samba/netlogon
guest ok = Yes
share modes = No
[template]
path = /tmp
read only = No
create mask = 0775
directory mask = 0775
strict allocate = Yes
preserve case = No
hide special files = Yes
hide unreadable = Yes
hide unwriteable files = Yes
browseable = No
fstype = FAT
wide links = No
[TEST]
copy = template
path = /home/prieheck
comment = just a test of group stuff
valid users = @it
force group = it
# ifconfig eth0
eth0 Link encap:Ethernet HWaddr 00:1A:4B:0A:57:12
inet addr:10.132.0.30 Bcast:10.132.0.255 Mask:255.255.255.0
inet6 addr: fe80::21a:4bff:fe0a:5712/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:305547 errors:0 dropped:0 overruns:0 frame:0
TX packets:294673 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:74791511 (71.3 MiB) TX bytes:142754073 (136.1 MiB)
Interrupt:169
# cat /etc/issue
Ubuntu 6.10 \n \l
# uname -a
Linux files 2.6.17-11-server #2 SMP Tue Mar 13 23:33:44 UTC 2007 i686
GNU/Linux
# dpkg -l |grep samba
ii libcrypt-smbhash-perl 0.12-1
ii samba 3.0.22-1ubuntu4.1
ii samba-common 3.0.22-1ubuntu4.1
More information about the samba
mailing list