On Thursday 27 January 2005 17:53, you wrote: > zheka wrote: > > Duncan Brannen wrote: > >> Appologies for double posting this. I managed to add it to the end > >> of an old thread instead of starting a new one, > >> anyone recommend a mail client that shows threads? :) > >> > >> > >> Hi, > >> I'm trying to run 2 domains from the one server. I've got my 2 > >> config files > >> and both servers run, bound to the correct interface if started > >> normally. > >> > >> The problem I have occurs when I try to start both at once. nmdb > >> seems to be hardwired > >> to write to $SAMBA_ROOT/var/locks/browse.dat so each instance of > >> nmbd overwrites > >> the data of the other. > >> > >> Have I missed an option to configure it to write elsewhere? ( log, > >> lock & pid dirs don't do it) > >> or, do I have to recompile samba with a new root? > >> > >> Feature Request:: Is it possible to have an option to reset this > >> location if it doesn't exist? > >> > >> Is there a good howto anywhere on 2 domains / one machine or a good > >> reason not to do it? > >> (Pref for Solaris) > >> > >> We've got the same users in each domain, with the same ldap backend, > >> The problem > >> being solved is that of giving some users escalated permissions when > >> logged into their > >> own domain (Set group of machines ) but allowing them to log into the > >> "World usable" > >> domain (open access machines) with normal permissions. Joe Blogs > >> shouldn't be able to > >> login to the 2nd domain, & I've controlled access using the ldap > >> filter in smb.conf. (Good / Bad idea?) > >> > >> Any comments from those who done this appreciated. > >> > >> Cheers, > >> Duncan > > > > Yes, you missed the parameter "lock directory" in smb.conf. browse.dat > > lays under the lock directory path. > > I have successfull installation of samba server with two domains, but > > it works only if locking directories are separated. And yes, you will > > need separate ldap records for same users in different domains > > (because of different SIDs). > > I've set the lock directory (see above, tried lock, log and pid) but > this doesn't change the browse.dat location, just the pid / > filename.tdb location. Possibly the overwriting of browse.dat by the > two nmbd processes is a red herring and it should work. > > I've set the SIDs' of the two domains to be the same so I only need one > set of user records. Which version are you using? I'm going to try > again with 3.0.11, > and compile them into distinct directories if it still fails. > > Cheers, > Duncan
Didn't you forget to point the second instance of nmbd (for second) domain to the right smb.conf? How do you start samba? try this: smbd -s /path/to/smb.conf1 nmbd -s /path/to/smb.conf1 smbd -s /path/to/smb.conf2 nmbd -s /path/to/smb.conf2 In my case (samba 3.0.4) browse.dat _do_ lies under locks directory, will try it on samba 3.0.11pre2 tomorrow. did you use some prepackaged binary or compiled it? if so, how did configure string look like? -- Ing. Yevheniy Demchenko, UVT s.r.o. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
