On 12/02/09 01:51, Kevin Kimani wrote:
Hi all,
I have a setup whereby there is a PDC that's authenticating users
through LDAP. I have several other BDCs that are doing the
replication of the main server. I am trying to set up the users to be
authenticated by the BDC but am not able to. Any suggestions will be
quite helpful.
Regards
Kevin

Do you mean Samba replication or LDAP replication?
All DCs should be configured for
security=user
domain logons=yes
passdb backend = ldapsam:ldap://yourldapserver
They don't actually have to point to the same LDAP server; they should
be able to point to a replica LDAP server (if that exists). The PDC
would have to point either to a master LDAP server or a writable
replica. I have been setting this up with Sun Directory Server so I
can't comment on OpenLDAP.
On each DC, "net getdomainsid" should show that the machine SID is
the same as the domain SID.
I would also make sure that the output of "net groupmap list" and
"pdbedit -Lv" is the same on all DCs.
I would make sure that the following "net rpc user info" command is
returning the same results from each DC.
e.g.
# net rpc user info someuser -U Administrator -S mypdc
Password:
Domain Users
Sales
Marketing
#
Make sure that all machines are using the same WINS server. I have my
PDC as the WINS server.
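
The consistency checks described in the reply above, as an added example that is not part of the original message: it works on command output saved to one file per DC. The file names, host names and SIDs are constructed, and the two-line "SID for ... is:" layout of `net getdomainsid` output is an assumption.

```shell
#!/bin/sh
# Added example (not from the original post). Works on saved command output,
# one file per DC, so it can be run away from the servers.

# sid_of KIND FILE: print the SID from a "SID for KIND ... is: S-..." line.
sid_of() {
    sed -n "s/^SID for $1 .* is: *\(S-[0-9-]*\)\$/\1/p" "$2" | head -n 1
}

# check_sids FILE...: each capture of `net getdomainsid` must show machine SID
# equal to domain SID, and all DCs must report the same domain SID.
check_sids() {
    ref=""; rc=0
    for f in "$@"; do
        m=$(sid_of "local machine" "$f"); d=$(sid_of "domain" "$f")
        if [ -z "$m" ] || [ "$m" != "$d" ]; then
            echo "machine SID != domain SID: $f"; rc=1
        elif [ -n "$ref" ] && [ "$d" != "$ref" ]; then
            echo "domain SID differs from first DC: $f"; rc=1
        fi
        if [ -z "$ref" ]; then ref=$d; fi
    done
    return $rc
}

# same_sorted FILE...: captures of `net groupmap list` or `pdbedit -Lv` must
# contain the same lines as the first file, ignoring order.
same_sorted() {
    first=$1; shift; rc=0
    for f in "$@"; do
        if [ "$(sort "$first")" != "$(sort "$f")" ]; then
            echo "differs from $first: $f"; rc=1
        fi
    done
    return $rc
}

# Constructed sample captures (hypothetical host names and SIDs).
demo=$(mktemp -d)
printf '%s\n' 'SID for local machine MYPDC is: S-1-5-21-1111-2222-3333' \
    'SID for domain EXAMPLE is: S-1-5-21-1111-2222-3333' > "$demo/pdc.sid"
printf '%s\n' 'SID for local machine MYBDC is: S-1-5-21-4444-5555-6666' \
    'SID for domain EXAMPLE is: S-1-5-21-1111-2222-3333' > "$demo/bdc.sid"
check_sids "$demo/pdc.sid" "$demo/bdc.sid" || echo "fix the BDC before testing logons"
```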