On Thu, 2003-08-28 at 09:47, Zachariah Mully wrote: > On Wed, 2003-08-27 at 19:16, Jeremy Allison wrote: > > Hmmm. It's doing some an LSA_ENUMTRUSTDOM which we don't support fully > > in 2.2.x. Can you try this with Samba 3.0 (which does) to see if this > > makes a difference ? > > > > Thanks, > > > > Jeremy. > > Jeremy- > I've upgraded to: > > bubbles-new:/etc/samba# smbd --version > Version 3.0beta1-1 for Debian > > And I'm still having the same problem, I've posted the logs to: > http://zaphod.smartbrief.com/pics/log.princess-1.smb3 > > Thank you, > Zack >
Jerry, Jeremey- I've continued working on getting logins working with MS Cluster Services and I've made some progress, but I need your help diagnosing the issue. First, I've upgraded my Samba PDC to 3.0.0rc4-Debian from the samba.org unstable repository. I am using a tdb passwd backend and I have the user "cluster" in the Domain Admins group: ogo:/var/log/samba# net groupmap list System Operators (S-1-5-32-549) -> -1 Replicators (S-1-5-32-552) -> -1 Guests (S-1-5-32-546) -> -1 Domain Users (S-1-5-21-2122776906-1968872760-1457807302-513) -> domainusers Power Users (S-1-5-32-547) -> -1 Print Operators (S-1-5-32-550) -> -1 Administrators (S-1-5-32-544) -> -1 Account Operators (S-1-5-32-548) -> -1 Domain Guests (S-1-5-21-2122776906-1968872760-1457807302-514) -> domainguest Domain Admins (S-1-5-21-2122776906-1968872760-1457807302-512) -> cluster Backup Operators (S-1-5-32-551) -> -1 Users (S-1-5-32-545) -> -1 ogo:/var/log/samba# To restate the problem, I'm trying to create a two-node active/passive cluster with MSCS. MSCS requires the user used to create the cluster on N1 to be a domain user and have administrator priveledges on both nodes, so the user "cluster" was added to the domain admins group (the cluster unixgroup contains, of course, the user cluster). I get a permissions violation when I try and bring up the second node, "CLUSTER\cluster does not have permission to administer the cluster. Please use an account that has access privileges to the cluster." Last night I discovered something really strange. If I restart my PDC after N1 MSCS comes up and before N2 MSCS does, N2 MSCS is able to sporadically start successfully. Once N2 MSCS comes up though, I am not able to use the MSCS management tool on N2 (it requires the cluster user to login) without again restarting my PDC. So other than the very first login after the restart, no further logins have permissions on MSCS. Here is a successful login on N2 after a restart (watch out this logfile is about 2.5MB): http://zaphod.smartbrief.com/pics/princess-1.log.good And a bad login on N2: http://zaphod.smartbrief.com/pics/princess-1.log.bad Any ideas? Thanks, Zack -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba