Are you sure of that ? I thought it was possible...
If it is not, I've got another slightly off topic question : how to I demote my former
Windows NT PDC (that is now a BDC) to a normal Windows NT server, so that I have no
problem with it ?
Thanks in advance.
-------- Message d'origine--------
De: Umberto Zanatta [mailto:[EMAIL PROTECTED]
Date: lun. 26/07/2004 14:09
Ã: Julien Bordet
Cc: [EMAIL PROTECTED]
Objet: Re: [Samba] Samba as a PDC / Windows NT 4 SP6a as a BDC
You can't do it!
Samba won't be a BDC for NT and viceversa.
maybe, you should wait samba 4.0.
Il lun, 2004-07-26 alle 13:05, Julien Bordet ha scritto:
Hi every body,
As you may have guessed, I've got a problem ;)
What I had :
- A PDC Server (Windows NT 4 SP 6a), called SERVER1, for the domain
TEST
- A BDC Server (Windows NT 4 SP 6a), called SERVER2, for the domain
TEST
Everything was working fine.
Now I switched my NT PDC to a Samba PDC, and I make SERVER1 a BDC for
the domain. Until now, no problem. I use samba 3.0.4, connected to OpenLDAP thanks to
the ldapsam method.
However, after promoting Samba to be the PDC, it seems that none of
the two BDC (SERVER1 and SERVER2) can synchronize SAM, LSA and BUILTIN databases from
SAMBA.
So I can logon with any user/password that existed before the
migration, but cannot add any new account on the SAMBA/LDA Server. I've got a password
error when trying to log in.
On both servers, I have the following error :
Event ID 5718
The full synchronization replication of the LSA database from the
primary domain controller servername failed with the following error: Procedure number
out of range.
I've successfully tried to establishe a secure channel from the BDC,
with the netdomain command
NETDOM BDC SERVER1 /SYNC
However, trying to force a synchronization returns :
C:\ntreskit>nltest /BDC_QUERY:TEST
Server : \\SERVER1
SyncState : REPLICATION_IN_PROGRESS
ConnectionState : Status = 1745 0x6d1
RPC_S_PROCNUM_OUT_OF_RANGE
The command completed successfully
The error message here corresponds to the message of the event viewer.
Have anyone of you seem anything like that before ?
I've search both the microsoft support site and the samba mailing list
archive, but without success.
Many thanks for your help.
Julien
Here is my smb.conf :
[Global]
workgroup = TEST
netbios name = SAMBA
server string = SAMBA-LDAP
username map = /etc/samba/smbusers
encrypt passwords = yes
interfaces = 172.16.0.115/16
domain logons = Yes
os level = 65
domain master = Yes
local master = No
security = user
wins support = Yes
passdb backend = ldapsam:ldap://localhost
ldap admin dn = "cn=samba,ou=DSA,dc=testdomain,dc=fr"
ldap ssl = off
ldap delete dn = yes
ldap user suffix = ou=Utilisateurs
ldap group suffix = ou=Groupes
ldap machine suffix = ou=Machines
ldap suffix = dc=testdomain,dc=fr
ldap idmap suffix = ou=Users
ldap passwd sync = yes
Dos charset = 850
Unix charset = ISO8859-1
log level = 99
log file = /var/log/samba/%m.log
max log size = 100000
time server = Yes
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
logon script = logon.bat
logon drive = H:
logon home =
logon path =
add machine script = /usr/local/sbin/smbldap-useradd -w "%u"
add user script = /usr/local/sbin/smbldap-useradd -m "%u"
add group script = /usr/local/sbin/smbldap-groupadd -p "%g"
add user to group script = /usr/local/sbin/smbldap-groupmod -m "%u"
"%g"
delete user from group script = /usr/local/sbin/smbldap-groupmod -x
"%u" "%g"
set primary group script = /usr/local/sbin/smbldap-usermod -g "%g" "%u"
[homes]
comment = RÃpertoires utilisateurs
valid users = %U
read only = No
create mask = 0664
directory mask = 0775
browseable = No
[netlogon]
path = /var/lib/samba/netlogon
browseable = No
read only = Yes
_____
--
To unsubscribe from this list go to the following URL and read the
instructions: http://lists.samba.org/mailman/listinfo/samba
<http://lists.samba.org/mailman/listinfo/samba>
_______________________
Umberto Zanatta
linuxDidattica
tel: +39 (335) 54 71 385
email: [EMAIL PROTECTED]
web: http://linuxdidattica.org
_______________________
--
To unsubscribe from this list go to the following URL and read the
instructions: http://lists.samba.org/mailman/listinfo/samba
