[Samba] Problems with BDC authentication

Ron García-Vidal ghstwrtr at evilgenius.net
Fri Jul 1 13:12:51 MDT 2011

Today we had a problem with our Win NT4 PDC and discovered numerous 
failover issues with our Samba file server.

For starters, this is a Debian Etch machine running Samba-3.0.24-2.  At 
this point, this is a critical production machine.  Upgrading is on our 
to-do path, but is not an option for an immediate fix to this problem. 
With the exception of this problem, this Samba installation has been 
very stable thus far.

The issue is that when the PDC died, the Samba server was unable to 
authenticate any users.  I have security set to domain and the password 
server directive is set to *

When I do an nmblookup on the wins server specified in smb.conf I get:

nmblookup -U WINSSVR  -R DOMAIN#1C10.0.0.30 DOMAIN1<1c>
10.0.0.X DOMAIN<1c>
192.X.X.X DOMAIN<1c>

So the wins server can see both PDC and BDC.

If I try any of the following:
net rpc join -S BDC -U Administrator
net join -S BDC -U Administrator
net rpc join member -S BDC -U Administrator
net join -S BDC member -U Administrator

I get:
Creation of workstation account failed

Even though the BDC shows that this machine already has an account 
(replicated at some point from the PDC).

If I try this command without any -S servers listed, it give me a "No 
Suitable Server Found" error.

Can anyone help me fix this? I am trying to stabilize the NT PDC, but it 
becomes even more difficult to do when I can't take it offline since the 
Samba server seems to not be using the BDC.



More information about the samba mailing list