[Samba] Very odd problem

Gaiseric Vandal gaiseric.vandal at gmail.com
Mon Nov 1 19:55:51 MDT 2010 

FYI

One of my win machines shows that the IP of the domain controller used for
login is the IP of one of the BDC's, not the IP of the BDC.


X:\>nbtstat -c
                  NetBIOS Remote Cache Name Table

        Name              Type       Host Address    Life [sec]
    ------------------------------------------------------------
    BDC1        <20>  UNIQUE          192.168.1.1        550
    PDC         <20>  UNIQUE          192.168.1.2        555
    DOMAIN      <1C>  GROUP           192.168.1.1        587




-----Original Message-----
From: Gaiseric Vandal [mailto:gaiseric.vandal at gmail.com] 
Sent: Monday, November 01, 2010 9:52 PM
To: samba at lists.samba.org
Subject: RE: [Samba] Very odd problem

I have a file /var/samba/locks/browse.dat.    Browsing does not require wins
so I suspect that deleting the wins cache was not sufficient. 

What is the output of "hosted" on the servers?  I am guessing that 408c9b2b
and 40899b2b are the host id's of your two servers.  

When you login to a domain from a Windows PC, it should authenticate (all
things being equal) to a BDC.  (nbtstat -c should show you which is the
controller and browser ip's.)    But I am pretty sure when you change
password it has to pass the request to the PDC.   So it seems like the BDC
can't find the PDC?

Do you have password sync enabled?  That sometimes causes problems- makes it
appear that windows pw changing is broken with it is actually a problem with
the password sync.

Can you shutdown the BDC temporarily, restart a windows client, use "nbtstat
-c" or "dcdiag" to verify the DC, and see it password changes work?



-----Original Message-----
From: samba-bounces at lists.samba.org [mailto:samba-bounces at lists.samba.org]
On Behalf Of Donny Brooks
Sent: Monday, November 01, 2010 9:34 AM
To: samba at lists.samba.org
Subject: [Samba] Very odd problem

I had previously tried to migrate our PDC to a new machine by simply 
copying the config over and such. That failed miserably but luckily the 
various home servers (BDC's in samba speak I think) took up the slack. 
So after much debate, this weekend we moved the PDC back to the original 
machine. We never moved LDAP off of the original machine, as only samba 
functions moved.

I now know I did not move the PDC properly, as I should have set the new 
one up as a BDC and then made sure everything was working, then shut 
down the PDC and promote the new one to PDC by setting proper settings 
in smb.conf. With all that behind me I still face a few issues:

Our users are still unable to do the CTRL+ALT+DEL change password 
through windows. This only started occurring after the original move. 
Looking through the log.nmbd it appears it couldn't find the master 
browser. So after setting the stuff back to the original location and 
deleting the wins.tdb and wins.dat files on all the home servers and PDC 
I started up the PDC and then the others. I get this on the PDC:


[2010/11/01 08:09:04, 10] 
nmbd/nmbd_sendannounce.c:381(announce_myself_to_domain_master_browser)
   announce_myself_to_domain_master_browser: t (1288616942) - 
last(1288616642) < 900
[2010/11/01 08:09:04,  4] nmbd/nmbd_workgroupdb.c:281(dump_workgroups)
   dump_workgroups()
    dump workgroup on subnet        10.8.2.3: netmask=  255.255.255.0:
         ADMIN(1) current master browser = ROARK
                 ROARK 408c9b2b (Roark)
                 ARCHIVES3 40809b1b (ARCHIVES3)
[2010/11/01 08:09:04,  4] nmbd/nmbd_workgroupdb.c:281(dump_workgroups)
   dump_workgroups()
    dump workgroup on subnet  UNICAST_SUBNET: netmask=       10.8.2.3:
         WORKGROUP(6) current master browser = TESTPC1
         HPSEARCH(5) current master browser = SEARCHROOM1
         MYGROUP(4) current master browser = GISDUMP
         HPRES(3) current master browser = MSTOLL
         HP(2) current master browser = HSMT1
         ADMIN(1) current master browser = UNKNOWN
                 ROARK 40899b2b (Roark)

Roark is our PDC and Archives3 is our main BDC (secondary LDAP too). 
Something don't look quite right here since it appears it is trying to 
talk to two seperate Roark's.... ROARK 408c9b2b (Roark) first and then 
ROARK 40899b2b (Roark) secondly. What could cause this?

I just need to get this working as it was then we can work on getting 
the replacement done right. Thanks in advance.

Donny B.
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

More information about the samba mailing list