[Samba] Issue with SambaNTPassword not replicating

stephen mulcahy smulcahy at aplpi.com
Tue Dec 9 12:22:07 GMT 2008


I set up a Samba PDC/BDC configuration some time ago using LDAP as 
configured here - http://www.atlanticlinux.ie/blog/?p=25

The configuration has been working without problems for a few months now 
but we have noticed one issue. When users take their laptop from the 
network the PDC is serving to the networking the BDC is serving - they 
sometimes have problems logging in.

A dig through the BDC logs indicates the following error

[2008/12/09 12:02:30, 0] rpc_server/srv_netlog_nt.c:_net_auth_2(478)
   _net_auth2: creds_server_check failed. Rejecting auth request from 
client XXXX machine account XXXX$

Comparing the LDAP records on the PDC and the BDC for system XXXX I see 
that the following fields are different

sambaNTPassword: 64AF0BD8913B5BD2F6B92201B2AFD071
sambaPwdLastSet: 1226922777

on the PDC and BDC LDAP servers. It looks like the PDC has a newer 
sambaNTPassword than the BDC which would seem to explain the domain 
authentication problems.

I'm wondering why only the sambaNTPassword field is not getting 
replicated properly though. Is this a known issue with Samba in PDC/BDC 
config or do I need to look to OpenLDAP? I'll post some config files if 
someone has any input but didn't want to clutter this mail with excess 

Thanks for any comment,


Stephen Mulcahy       Applepie Solutions Ltd.      http://www.aplpi.com
Registered in Ireland, no. 289353 (5 Woodlands Avenue, Renmore, Galway)

More information about the samba mailing list