Hi, I'm looking to configure a BDC with LDAP. It seems the connection with the primary LDAP server works, but I'm confused about the shared folders. I understood that when you create a BDC you need to put in the same global information:

    [global]
    workgroup = DOMAIN
    netbios name = DOMAIN-PDC
    security = user
    enable privileges = yes
    interfaces = 127.0.0.0/8 eth0 10.0.1.0/24 10.0.0.0/24
    server string = DOMAIN Primary Domain Controller
    encrypt passwords = true
    unix password sync = no
    ldap passwd sync = yes
    passwd program = /usr/bin/smbldap-passwd %u
    passwd chat = *Enter\snew\s*\spassword:* %n\n *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* .
    log level = 1
    syslog = 0
    log file = /var/log/samba/log.%m
    max log size = 1000
    time server = yes
    #socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
    mangling method = hash2
    Dos charset = 850
    Unix charset = UTF-8
    domain logons = yes
    domain master = yes
    logon path =
    logon drive =
    logon home =
    logon script = logon.bat
    local master = yes
    preferred master = yes
    os level = 65
    wins support = yes
    dns proxy = yes
    panic action = /usr/share/samba/panic-action %d
    server signing = auto
    server schannel = auto
    winbind trusted domains only = yes
    winbind use default domain = yes
    passdb backend = ldapsam:"ldap://127.0.0.1"
    ldap admin dn = cn=admin,dc=domain,dc=es
    ldap suffix = dc=domain,dc=es
    ldap group suffix = ou=Groups
    ldap user suffix = ou=Users
    ldap machine suffix = ou=Computers
    ldap idmap suffix = ou=Idmap
    ldap ssl = no
    ldap delete dn = yes
    add user script = /usr/sbin/smbldap-useradd -m "%u"
    delete user script = /usr/sbin/smbldap-userdel "%u"
    add machine script = /usr/sbin/smbldap-useradd -w "%u"
    add group script = /usr/sbin/smbldap-groupadd -p "%g"
    delete group script = /usr/sbin/smbldap-groupdel "%g"
    add user to group script = /usr/sbin/smbldap-groupmod -m "%u" "%g"
    delete user from group script = /usr/sbin/smbldap-groupmod -x "%u" "%g"
    set primary group script = /usr/sbin/smbldap-usermod -g "%g" "%u"
    load printers = yes
    create mask = 0774
    directory mask = 0775
    nt acl support = no
    printing = cups
    printcap name = cups
    deadtime = 60
    keepalive = 60
    guest account = nobody
    map to guest = bad user
    dont descend = /proc,/dev,/etc,/lib,/lost+found
    show add printer wizard = yes
    preserve case = yes
    short preserve case = yes
    case sensitive = no
    usershare allow guests = yes

And I understand the BDC is the same, but with the connection changed.

    [global]
    workgroup = DOMAIN
    netbios name = DOMAIN-PDC
    security = user
    enable privileges = yes
    interfaces = 127.0.0.0/8 eth0 10.0.1.0/24 10.0.0.0/24
    # bind interfaces only = yes
    server string = DOMAIN Primary Domain Controller
    encrypt passwords = true
    # obey pam restrictions = no
    # pam password change = yes
    unix password sync = no
    ldap passwd sync = yes
    passwd program = /usr/bin/smbldap-passwd %u
    passwd chat = *Enter\snew\s*\spassword:* %n\n *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* .
    log level = 1
    syslog = 0
    log file = /var/log/samba/log.%m
    max log size = 1000
    time server = yes
    #socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
    mangling method = hash2
    Dos charset = 850
    Unix charset = UTF-8
    domain logons = yes
    domain master = no
    logon path =
    logon drive =
    logon home =
    logon script = logon.bat
    local master = yes
    preferred master = yes
    os level = 65
    wins support = no
    wins server = 10.0.0.2
    dns proxy = yes
    panic action = /usr/share/samba/panic-action %d
    server signing = auto
    server schannel = auto
    winbind trusted domains only = yes
    winbind use default domain = yes
    passdb backend = ldapsam:"ldap://ldap.domain.es"
    ldap admin dn = cn=admin,dc=domain,dc=es
    ldap suffix = dc=domain,dc=es
    ldap group suffix = ou=Groups
    ldap user suffix = ou=Users
    ldap machine suffix = ou=Computers
    ldap idmap suffix = ou=Idmap
    ldap ssl = no
    ldap delete dn = yes
    add user script = /usr/sbin/smbldap-useradd -m "%u"
    delete user script = /usr/sbin/smbldap-userdel "%u"
    add machine script = /usr/sbin/smbldap-useradd -w "%u"
    add group script = /usr/sbin/smbldap-groupadd -p "%g"
    delete group script = /usr/sbin/smbldap-groupdel "%g"
    add user to group script = /usr/sbin/smbldap-groupmod -m "%u" "%g"
    delete user from group script = /usr/sbin/smbldap-groupmod -x "%u" "%g"
    set primary group script = /usr/sbin/smbldap-usermod -g "%g" "%u"
    load printers = yes
    create mask = 0774
    directory mask = 0775
    nt acl support = no
    printing = cups
    printcap name = cups
    deadtime = 60
    keepalive = 60
    guest account = nobody
    map to guest = bad user
    dont descend = /proc,/dev,/etc,/lib,/lost+found
    show add printer wizard = yes
    preserve case = yes
    short preserve case = yes
    case sensitive = no
    usershare allow guests = yes

And with this, to join the BDC to the Samba NET, I did:

    #net getlocalsid   >> inside PDC
    #net setlocalsid   >> inside BDC
    #net join          >> inside BDC

And I don't know how the shared folders work. As I understand it, if I use the BDC as another file server to access new folders placed on the BDC server, the steps are: include the folders in the BDC's smb.conf. Windows XP clients will use the path \\domain-pdc\sharedfolder. Is that correct?

Thanks!
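
Added example, not part of the original post: Python that parses the two [global] sections quoted above, lists the parameters that differ between PDC and BDC, and flags two things to check before deployment (both hosts announcing the same NetBIOS name, and an ldapsam bind to a remote LDAP host with ldap ssl = no). The excerpts are constructed from the values in the post; the function names and the two checks are hypothetical.

```python
import re
# Constructed excerpts of the two [global] sections quoted in the post.
PDC = """[global]
netbios name = DOMAIN-PDC
domain master = yes
wins support = yes
passdb backend = ldapsam:"ldap://127.0.0.1"
ldap ssl = no
"""
BDC = """[global]
netbios name = DOMAIN-PDC
# bind interfaces only = yes
domain master = no
wins support = no
wins server = 10.0.0.2
passdb backend = ldapsam:"ldap://ldap.domain.es"
ldap ssl = no
"""

def parse_global(text):
    """Return [global] parameters; names lower-cased, inner whitespace collapsed."""
    params, section = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;":          # blank line or comment
            continue
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1].strip().lower()
        elif section == "global" and "=" in line:
            key, value = line.split("=", 1)
            params[" ".join(key.lower().split())] = value.strip()
    return params

def changed(pdc, bdc):
    """Map each parameter whose value differs to its (PDC, BDC) pair."""
    keys = sorted(set(pdc) | set(bdc))
    return {k: (pdc.get(k), bdc.get(k)) for k in keys if pdc.get(k) != bdc.get(k)}

def findings(pdc, bdc):
    """Hypothetical checks: name collision, cleartext bind to a remote LDAP host."""
    out = []
    name = pdc.get("netbios name", "")
    if name and name.lower() == bdc.get("netbios name", "").lower():
        out.append("netbios name is identical on both servers")
    for role, cfg in (("PDC", pdc), ("BDC", bdc)):
        m = re.search(r'ldapsam:"?ldap://([^"/:\s]+)', cfg.get("passdb backend", ""))
        tls_off = cfg.get("ldap ssl", "").lower() in ("no", "off")
        if m and tls_off and m.group(1) not in ("127.0.0.1", "localhost"):
            out.append(f"{role}: ldapsam binds to {m.group(1)} with ldap ssl off")
    return out
```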