Uli Luckas, Oktay Akbal, Samba Gurus, Where is the SID, or MACHINE.SID ? Is that a file ? I checked my Samba installation (/usr/local/samba) and I cannot find the file.
Cheng Hsu -----Original Message----- From: Uli Luckas [mailto:[EMAIL PROTECTED]] Sent: Thursday, February 13, 2003 5:25 AM To: 'Oktay Akbal'; Hsu, Cheng (Consultant) Cc: '[EMAIL PROTECTED]' Subject: AW: [Samba] Samba server in a failover environment On Thu, 13 Feb 2003, Oktay Akbal wrote: > On Wed, 12 Feb 2003, Hsu, Cheng (Consultant) wrote: > > > But my experiment shows that I MUST > explicitly join the > > NT domain > > in order for everything to work. > > Just a guess: Make sure that the server do not only have the same > smb.conf, but also the same SID (MACHINE.SID or whatever > setup of samba > you use) This will not be enough in the long run... The SID is what identifies the machine all right. But on join your the machine registers a (random) password with the DC. Now if you join the second server with the same name/SID the DC will update the password to the 2nd machine's idea of what it should be and the 1st machine can't log into the domain any more :-( And it is worse... You could probably (r)sync smb.conf, MACHINE.SID plus the domain password (secrets.tdb?) between the two servers and things would work for a while. But you need to do this on a regular basis as the password is updated to a new random password every now and then (default once a week?) and the secondary server would be out of sync. Just as an suggestion to the samba team ... a hook like "machine pwd update script = sync_secrets.sh" in smb.conf would come in handy. Hope I was of any help Uli ----- This message is for the named person's use only. It may contain confidential, proprietary or legally privileged information. No confidentiality or privilege is waived or lost by any mistransmission. If you receive this message in error, please delete it and all copies from your system, destroy any hard copies and notify the sender. You must not, directly or indirectly, use, disclose, distribute, print, or copy any part of this message if you are not the intended recipient. Nomura Holding America Inc., Nomura Securities International, Inc, and their respective subsidiaries each reserve the right to monitor all e-mail communications through its networks. Any views expressed in this message are those of the individual sender, except where the message states otherwise and the sender is authorized to state the views of such entity. Unless otherwise stated, any pricing information in this message is indicative only, is subject to change and does not constitute an offer to deal at any price quoted. Any reference to the terms of executed transactions should be treated as preliminary only and subject to our formal written confirmation. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
