[Samba] WG: Upgrading 3.2.15 to 3.3.12 sernet package on opensuse 10.2
Daniel Müller
mueller at tropenklinik.de
Wed Apr 14 08:27:47 MDT 2010
My Configuration,
On my PDC:
Samba version 3.2.15 /LDAP-Master (slurpd)/SMBD4wins <-- version 3.3.12
not working. Downgrade again
On my BDC:
Samba version 3.3.12 /LDAP-Slave <-- version 3.3.12 working
[global] on PDC
[global]
workgroup = tuepdc.local
bind interfaces only = true
interfaces = 192.168.135.143/24 127.0.0.0/8
socket address = 192.168.135.255
profile acls = no
hosts allow = 127.0.0.1 192.168.129.0/24 192.168.133.0/24 192.168.134.0/24
192.168.132.0/24 192.168.135.0/24 10.0.77.0/24
hosts deny = 0.0.0.0/0
server string = tuepdc.local MasterServer %v
admin users = root, administrator,marstaller
ldap passwd sync = Yes
passwd program = /usr/local/sbin/smbldap-passwd -u %u
log level = 0 vfs:[01]
log file = /system/log/%U.%m.log
syslog = 0
max log size = 3000
time server = Yes
read raw = yes
defer sharing violations = no
write raw = yes
socket options = TCP_NODELAY IPTOS_LOWDELAY SO_KEEPALIVE
mangling method = hash2
dos charset = 850
unix charset = ISO8859-15
display charset = ISO8859-15
logon script = logon.bat
logon drive = S:
logon path =
security = user
domain logons = Yes
domain master = Yes
browse list = true
os level = 254
preferred master = Yes
wins support = no
wins server = 192.168.135.150
dns proxy = yes
smb ports = 139 445
passdb backend = ldapsam:ldap://127.0.0.1/
ldap admin dn = cn=admin,dc=tuepdc,dc=local
ldap suffix = dc=tuepdc,dc=local
ldap group suffix = ou=Groups
ldap user suffix = ou=Users
ldap machine suffix = ou=Computers
ldap idmap suffix = ou=Users
add user script = /usr/local/sbin/smbldap-useradd -A 1 -B 1 -m -k /dummy
"%u"
delete user script = /usr/local/sbin/smbldap-userdel -r "%u"
add machine script = /usr/local/sbin/smbldap-useradd -w "%u"
add group script = /usr/local/sbin/smbldap-groupadd -p "%g"
delete group script = /usr/local/sbin/smbldap-groupdel "%g"
add user to group script = /usr/local/sbin/smbldap-groupmod -m "%u" "%g"
delete user from group script = /usr/local/sbin/smbldap-groupmod -x "%u"
"%g"
set primary group script = /usr/local/sbin/smbldap-usermod -g '%g' '%u'
client lanman auth = no
client ntlmv2 auth = yes
load printers = Yes
nt acl support = no
printing = cups
printcap name = cups
deadtime = 10
map to guest = Bad User
dont descend = /proc,/dev,/etc,/lib,/lost+found,/initrd
preserve case = yes
case sensitive = no
----------------------------------------------------------------------------
----
[global] on smbd4wins/pdc
[globals]
netbios name= tuepdc-wins
workgroup=tuepdc.local
bind interfaces only=yes
interfaces=192.168.135.150
ntpd:disable_broadcast=yes
wins server=192.168.135.150
log level=4
dns proxy=yes
----------------------------------------------------------------------------
---
[global] on BDC
[global]
workgroup = tuepdc.local
netbios name = tuebdc
enable privileges = yes
interfaces = 192.168.135.144/24 127.0.0.0/8
bind interfaces only=true
profile acls=no
hosts allow=127.0.0.1 192.168.129.0/24 192.168.133.0/24
192.168.134.0/24 192.168.132.0/24 192.168.135.0/24 10.0.77.0/24
hosts deny=0.0.0.0/0
large readwrite=no
max xmit=166644
server string = tuebdc.local BackupServer %v
admin users=root, administrator, marstaller
encrypt passwords = Yes
ldap passwd sync = Yes
passwd program = /usr/local/sbin/smbldap-passwd -u %u
log level = 0 vfs:[01]
log file=/system/log/%U.%m.log
syslog = 0
max log size = 3000
defer sharing violations=no
time server = Yes
socket options = TCP_NODELAY IPTOS_LOWDELAY SO_KEEPALIVE
mangling method = hash2
Dos charset = 850
Unix charset = ISO8859-15
display charset=ISO8859-15
logon script = logon.bat
logon drive = S:
logon path=
security=user
domain logons = Yes
domain master=NO
os level = 100
preferred master =Yes
local master =Yes
wins support = no
wins server=192.168.135.150
dns proxy=yes
host msdfs=yes
smb ports=139 445
passdb backend = ldapsam:ldap://127.0.0.1/
ldap admin dn = cn=admin,dc=tuepdc,dc=local
ldap suffix = dc=tuepdc,dc=local
ldap group suffix = ou=Groups
ldap user suffix = ou=Users
ldap machine suffix = ou=Computers
ldap idmap suffix = ou=Users
add user script = /usr/local/sbin/smbldap-useradd -A 1 -B 1 -m -k
/dummy "%u"
delete user script = /usr/local/sbin/smbldap-userdel -r "%u"
add machine script = /usr/local/sbin/smbldap-useradd -w "%u"
add group script = /usr/local/sbin/smbldap-groupadd -p "%g"
delete group script = /usr/local/sbin/smbldap-groupdel "%g"
add user to group script = /usr/local/sbin/smbldap-groupmod -m "%u"
"%g"
delete user from group script = /usr/local/sbin/smbldap-groupmod -x
"%u" "%g"
set primary group script = /usr/local/sbin/smbldap-usermod -g '%g'
'%u'
idmap uid=15000-20000
idmap gid=15000-20000
ldap ssl=no
#vista compatibility
client lanman auth=no
client ntlmv2 auth=yes
load printers = Yes
nt acl support = No
printing = cups
printcap name = cups
deadtime = 10
guest account = nobody
map to guest = Bad User
dont descend = /proc,/dev,/etc,/lib,/lost+found,/initrd
preserve case = yes
short preserve case = yes
case sensitive = no
----------------------------------------------------------------------------
---------------
The error that occurred while samba talking to ldap on my PDC and only there
not on my BDC:
EXT oid=1.3.6.1.4.1.1466.20037
Apr 8 09:22:20 tuepdc slapd[7693]: do_extended: unsupported operation
"1.3.6.1.4.1.1466.20037"
Apr 8 09:22:20 tuepdc slapd[7693]: conn=441 op=0 RESULT tag=120 err=2
text=unsupported extended operation
No user could logon to the PDC nor did the account of the workstations
longer work.
The chaos was, that the Samba BDC only served a few users all other users
could not work any more.
So my question again: How can I bring the PDC to version 3.3.12 safely and
how can I guarantee the BDC
is taking over right in time and all of my users can work on.
Daniel
-----------------------------------------------
EDV Daniel Müller
Leitung EDV
Tropenklinik Paul-Lechler-Krankenhaus
Paul-Lechler-Str. 24
72076 Tübingen
Tel.: 07071/206-463, Fax: 07071/206-499
eMail: mueller at tropenklinik.de
Internet: www.tropenklinik.de
-----------------------------------------------
-----Ursprüngliche Nachricht-----
Von: samba-bounces at lists.samba.org [mailto:samba-bounces at lists.samba.org] Im
Auftrag von Stan Hoeppner
Gesendet: Sonntag, 11. April 2010 00:20
An: samba at lists.samba.org
Betreff: Re: [Samba] Upgrading 3.2.15 to 3.3.12 sernet package on opensuse
10.2
Daniel Müller put forth on 4/10/2010 2:11 AM:
>
>
> Dear all, I have samba 3.2.15 PDC running with an openldap backend and
> smbd4wins on the same host. There is also a BDC the same as my PDC. After
I
> did an update to 3.3.12 on my BDC this worked on the fly without problems.
> Then I went on doing the same update on my PDC with the result of chaos.
No
> user was able to logon anymore , when I did a smbclient -L mypdc -N it was
> extremely slow, and my whole domain was down. After a few hours searching
> for the reasons, I only saw an error with the samba talking to my openldap
> on my PDC (this error was definitly not on my BDC with quiet the same
> configuration) that searching the ldap database. At the end the only way
to
> solve this was to downgrade again to 3.2.15. Is there a way to upgrade a
> samba PDC to 3.3.12 without fail!? Greetings Daniel
It might help if you share that error message with the list. Just telling
us that you upgraded Samba and something broke doesn't give us much to go
on. Error messages, relevant log entries, and config files are always
helpful.
--
Stan
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
More information about the samba
mailing list