On Fri, 2010-02-05 at 10:21 +1100, Mike Fabre wrote:
> Hello
>
> I have a network setup with one Samba PDC and two Samba BDCs separated
> by routers (ref http://www.cybersource.com.au/users/mikef/samba/). In
> this test environment the Samba servers all use the master OpenLDAP
> server on the PDC, but the production system will have OpenLDAP
> servers (using master-slave replication) on all Samba servers.
>
> I can't get the Windows XP client to change a password or enroll on
> the domain when connected to either of the BDC's networks, however
> both functions work fine when connected directly to the PDC's network.
> If the XP client is enrolled onto the domain while connected to the
> PDC's network then it successfully authenticates against the domain on
> all three networks, incl after being relocated to either BDC network.
>
> Anyone got any ideas what my problem might be?

What you need to do is either install a central WINS server, and point
the various networks at that single server, or (my preference) abuse the
separation of 'netbios name space' that your router has created, and
make all the Samba DCs PDCs of their own networks.

That way, they will all be contacted for password changes, because on
each of their local networks, they hold the DOMAIN#1B name. (They need
not be read-write OpenLDAP replicas, as Samba happily handles the
referral to the master for writes).

Andrew Bartlett

--
Andrew Bartlett                                http://samba.org/~abartlet/
Authentication Developer, Samba Team           http://samba.org
Samba Developer, Cisco Inc.
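The two options from the reply above, sketched as smb.conf fragments. This is an added illustration, not configuration posted in the thread; the workgroup name DOMAIN, the address 192.0.2.10 and the LDAP URLs are placeholders, and the two options are alternatives, not meant to be combined.

```ini
# ---- Option 1: one central WINS server for all three networks ----
# smb.conf on the PDC, which also acts as the WINS server (placeholder 192.0.2.10)
[global]
    workgroup = DOMAIN
    domain logons = yes
    # Registers DOMAIN<1B>, the name clients look up for password changes
    domain master = yes
    wins support = yes

# smb.conf on each BDC: register with and query the central WINS server
[global]
    workgroup = DOMAIN
    domain logons = yes
    domain master = no
    wins server = 192.0.2.10
# The XP clients on every network must also be pointed at 192.0.2.10 as
# their WINS server, otherwise they still cannot resolve DOMAIN<1B>
# across the routers.

# ---- Option 2: every DC is domain master of its own routed network ----
# smb.conf on each Samba DC. This relies on the routers keeping the
# NetBIOS name spaces apart: DOMAIN<1B> is a unique name, so do not share
# a WINS server between the networks with this layout.
[global]
    workgroup = DOMAIN
    domain logons = yes
    domain master = yes
    preferred master = yes
    local master = yes
    # Placeholder URL for the LDAP server this DC uses. A read-only
    # replica is sufficient; writes are referred to the master, as the
    # reply notes.
    passdb backend = ldapsam:ldap://localhost
```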
