[Samba] PDC/BDC Problem
Florian Götz
f.goetz at hs-mannheim.de
Tue May 26 15:47:40 GMT 2009
Hi all,
I'm rather new to Samba and trying to deploy a PDC/BDC setup for our company.
Got some books and the manpages here to help me :)
The config files are attached at the end of this mail. The Samba version used is 3.2.7-11.6
on a SLES11 system.
The PDC is running as ROLE_DOMAIN_PDC, says testparm, the BDC as
ROLE_DOMAIN_BDC.
Both DCs use an LDAP (OpenLDAP 2.4.12-7) for user authentication.
The LDAP system is also set up redundantly; both Sambas are using the primary
one. On both Samba systems the smb and nmb daemons are running.
Question One: If I use the "nmblookup TESTRZ" command I get a response from
the BDC System. Shouldn't the PDC be the one answering?
Question Two: If I connect to a share with my Ubuntu workstation I get a
connection without a problem. If I go to a Windows XP machine and open the
network, I can see the domain with the PDC and BDC inside. But only the BDC
can be accessed. If I try to open the PDC I get an error message about not
enough rights to access this resource.
I used old config files from our running samba system and tried to modify them
for a PDC/BDC setup. There might be some options in it which are outdated
today.
Best regards and thanks a lot for the help,
Florian Götz
smb.conf (PDC)
====================================
[global]
# General Server Settings
# -------------------------------------------------------------
#include = /etc/samba/dhcp.conf
workgroup = TESTRZ
server string = RZ Test Samba 143
interfaces = x.x.x.143/255.255.255.0 127.0.0.1/255.0.0.0
guest account = nobody
netbios name = PDC-TEST
os level = 25
preferred master = Yes
wins support = Yes
preserve case = yes
short preserve case = yes
case sensitive = no
nt acl support = no
deadtime = 10
time server = yes
dont descend = /proc,/dev/etc/lib/lost+found,initrd
Dos charset = 850
Unix charset = UTF8
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
domain logons = Yes
domain master = Yes
# Logon options
# --------------------------------------------------------------
map to guest = Bad User
logon path = \\%L\profiles
logon home = G:
logon drive = G:
#usershare allow guests = Yes
username map = /etc/samba/smbusers
security = user
encrypt passwords = yes
mangling method = hash2
unix password sync = yes
passwd program = /etc/smbldap-tools/smbldap-passwd -u %u
passwd chat = "Changing password for*\nNew password*" %n\n "*Retype new passw$
enable privileges = yes
# LDAP Stuff
#---------------------------------------------------------------------
passdb backend = ldapsam:"ldap://127.0.0.1"
idmap backend = ldap:ldap://127.0.0.1
ldap admin dn = cn=admin,dc=example,dc=de
ldap group suffix = ou=Groups
ldap idmap suffix = ou=Idmap
ldap machine suffix = ou=Computers
ldap passwd sync = Yes
ldap suffix = dc=example,dc=de
ldap user suffix = ou=Users
add user script = /etc/smbldap-tools/smbldap-useradd -m "%u"
delete user script = /etc/smbldap-tools/smbldap-userdel "%u"
add machine script = /etc/smbldap-tools/smbldap-useradd -t 0 -w "%u"
add group script = /etc/smbldap-tools/smbldap-groupadd -p "%g"
delete group script = /etc/smbldap-tools/smbldap-groupdel "%g"
add user to group script = /etc/smbldap-tools/smbldap-groupmod -m "%u" "%g"
delete user from group script = /etc/smbldap-tools/smbldap-groupmod -x "%u" "$
set primary group script = /etc/smbldap-tools/smbldap-usermod -g '%g' '%u'
add machine script = /usr/sbin/useradd -c Machine -d /var/lib/nobody -s /bin$
<some shares here>
smb.conf (BDC):
===========================================
same as above, only these columns are different:
domain master = no
netbios name = BDC-TEST
----------------------------------------------------------------------------------------
Dipl.-Inf. (FH) Florian Götz
Rechenzentrum Hochschule Mannheim
Paul-Wittsack-Straße 10
68163 Mannheim
Tel: 0621/292-6569
EMail: f.goetz at hs-mannheim.de
Internet: http://www.rz.hs-mannheim.de