[Samba] How to Force Domain Clients to use new PDC

Gaiseric Vandal gaiseric.vandal at gmail.com
Thu Feb 16 09:59:00 MST 2012

Are all DC's truly in the same domain? ("net getdomainsid" command 
should show the same domain sid on all DC's.)    Were the new servers 
joined to the existing domain when setting up or did you just configure 
the same domain name.

What exactly are you using the NT4 server manager tool for?

Presumably all samba DC's and clients are pointing to the same WINS 
server.    Windows machines by default will prefer to authenticate 
against a BDC.   You can try to change this by increasing the "announce 
version" and "os level" parameters in the smb.conf file.    The only way 
to really force it is to NOT use wins and configure the client to use an 
lmhosts file to find the DC.

On 02/16/12 09:37, Wikked One wrote:
> Good Morning Samba Team,
>                  We’ve been using Samba 3.4.8 and
> OpenLdap as an NT domain PDC for a number of years, running on CentOS 5.7 64 bit.   In the
> meantime I’ve been configuring other systems to use a multimaster OpenLdap
> backend and implement TLS.  Obviously the
> first system does not communicate with the other 2 systems (now registered as
> BDC system on the same domain).
> I have imported the user,group and computer groups into the
> newer systems so that all password and user information is synchronized.
> We are also use Samba4Wins as our WINS server…..
> Now my question:  I
> can “promote” the target system I want to as the PDC by making a few changes to
> the smb.conf as well as the config file on the current PDC.
> When I use the old NT4 server manager tool the domain change
> seems to take a few minutes to register, however many of the domain member
> client systems (almost exclusively Windows XP Pro) are failing to recognize the
> change and still use the old PDC to login.
> How can I force the client systems to recognize the new PDC
> ?Is this dependent on the WINS servers?
> Thanks!

More information about the samba mailing list