[Samba] Server Migration Problem

Matt Skerritt matt.skerritt at agrav.net
Thu Oct 2 08:26:38 GMT 2008


I am in the process of finishing a server migration (to a new server),  
and am having problems with samba on the new server.  The old server  
was running samba 3.0.22-r3 on a Gentoo machine, and the new server is  
running Samba 3.0.25a on a Solaris 10 machine. I have copied the files  
across OK, I have copied the samba configuration OK, samba runs fine,  
connects to the ldap backend fine, seems to check passwords fine, and  
even lets me connect to the file shares just fine.

The problem is that the clients don't recognise the new server as  
their domain controller. Attempts to log in with a username that is  
not already cached on the client returns a "The domain <DOMAIN> is not  
available" error.  If I remove the computer from the domain, and then  
try reconnect it, it brings up the error saying "A domain controller  
for domain <DOMAIN> could not be contacted", and an advanced info  
button seems to indicate that I should check that my domain is  
registered properly in WINS.

Doing a smbclient -L //<NEWSERVERNAME>/  gives me:

> Domain=[<DOMAIN>] OS=[Unix] Server=[Samba 3.0.25a]
>         Sharename       Type      Comment
>         ---------       ----      -------
>         temp            Disk
>         test            Disk
>         c               Disk
>         blah         Disk
>         stuff          Disk
>         IPC$            IPC       IPC Service (Allstaff Fileserver)
>         someuser            Disk      Home Directories
> Domain=[<DOMAIN>] OS=[Unix] Server=[Samba 3.0.25a]
>         Server               Comment
>         ---------            -------
>         BROTHER1
>         BROTHER2
>         <OLDSERVERNAME>              Fileserver
>         <NEWSERVERNAME>       New Fileserver
>         Workgroup            Master
>         ---------            -------
>         <DOMAIN>             <OLDSERVERNAME>

(I've changed the names here to protect the innocent, but I think I've  
kept it unambiguous).

If I log onto the clients, (using a username whose password is cached  
by the client) I notice that the environment variable LOGONSERVER is  
still set to the name of the old server.  That may just be part of the  
caching, however - I'm not sure.

Any ideas on what I should do?  Do I need to change the sambaSID entry  
in the sambaDomainName=<DOMAIN>,<LDAPBASE>  entry of my ldap server?

Included here is a copy of my smb.conf, if that helps.

> [global]
>         workgroup = <DOMAIN>
>         realm = <DOMAIN>
>         server string = Fileserver
>         map to guest = Bad User
>         # smb passwd file = /etc/samba/private/smbpasswd
>         passdb backend = ldapsam:ldap://ldap.dns.domain/
>         socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
>         logon script = logon.cmd
>         logon path = \\%N\profiles\%U
>         logon drive = H:
>         logon home = \\fileserver\%U
>         domain logons = Yes
>         os level = 255
>         preferred master = Yes
>         domain master = Yes
>         dns proxy = No
>         wins support = Yes
>         ldap admin dn = cn=IT_Administrator,<LDAP SUFFIX>
>         ldap group suffix = ou=Group
>         ldap idmap suffix = ou=Idmap
>         ldap machine suffix = ou=Computers,ou=Users
>         ldap suffix = <LDAP SUFFIX>
>         #ldap ssl = start tls
>         ldap user suffix = ou=People,ou=Users
>         template homedir = /dev/null
>         nt acl support = Yes
>         ea support = Yes
>         map acl inherit = Yes
>         print command = /usr/bin/lp -d '%p' %s; rm %s
>         lpq command = /usr/bin/lpstat -o '%p'
>         lprm command = /usr/bin/cancel '%p-%j'
>         lppause command = lp -i '%p-%j' -H hold
>         lpresume command = lp -i '%p-%j' -H resume
>         queuepause command = /usr/bin/disable '%p'
>         queueresume command = /usr/bin/enable '%p'
>         hide files = /thumbs.db/Thumbs.db/

Thanks in advance.

Matt Skerritt
matt.skerritt at agrav.net

More information about the samba mailing list