-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 > Message: 14 > Date: Mon, 07 Jul 2003 17:30:23 +0100 > From: Duncan Brannen <[EMAIL PROTECTED]> > Subject: [Samba] ldap pdc and rejoining domains > To: [EMAIL PROTECTED] > Message-ID: <[EMAIL PROTECTED]> > Content-Type: text/plain; charset="us-ascii"; format=flowed > > > Afternoon all, > > I've got a problem I hope somebody can help me with. > > We've got samba working as a PDC to windows 2000 machines > with LDAP as the backend. > > It's fine until we start distributing the load over multiple LDAP servers. > > I've changed the configuration in the pam ldap stuff (on Solaris using padl) to > point at a slave LDAP server (replacing /etc/passwd) > > What I'm not clear on is what happens when we rebuild a machine. > > We reinstall the machine & try to create a new domain account. > That fails because it already exists > Machine then tries to rejoin domain setting up new SID/password (???) > > smb.conf points at the ldap-slave > smbldap_tools stuff points at ldap master > pam.conf stuff points at ldap slave > > which one is samba using to rejoin the domain. I guess it's smb.conf or > pam.conf > since before I had referrals working properly changes were being made to > the slave. > > If it's smb.conf, does it understand referrals? If not, is it possible to > use a slave > ldap server with samba? >
Depends which version of samba. IIRC, referral support was added in 2.2.8 or 2.2.8a, although there are patches available for 2.2.7a (Mandrake packages had it since 2.2.7a-3mdk for example, so current update packages have it). If you have a recent samba, it should all work without problems, except when actually joining to a BDC (but I think there is a workaround in the webpage I link to below). > Sorry if I seem confused - it's cos I am BTW, I have covered some aspects which aren't really well documented in other places here: http://www.mandrakesecure.net/en/docs/samba-ldap-advanced.php Regards, Buchan - -- |--------------Another happy Mandrake Club member--------------| Buchan Milne Mechanical Engineer, Network Manager Cellphone * Work +27 82 472 2231 * +27 21 8828820x202 Stellenbosch Automotive Engineering http://www.cae.co.za GPG Key http://ranger.dnsalias.com/bgmilne.asc 1024D/60D204A7 2919 E232 5610 A038 87B1 72D6 AC92 BA50 60D2 04A7 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.2 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQE/CsefrJK6UGDSBKcRAn58AKC81WSafYS0lbGkBeNbwnFmmx9K1ACfbP79 eu4wqUoGSSLgn+fy72uMLVg= =44pk -----END PGP SIGNATURE----- ****************************************************************** Please click on http://www.cae.co.za/disclaimer.htm to read our e-mail disclaimer or send an e-mail to [EMAIL PROTECTED] for a copy. ****************************************************************** -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba