Re: [Samba] Promoting Samba BDC to PDC

[adrian sender]

Hello Pavan,

try nmblookup domainname#1C

Multiple netbios names can be registered under 1C; this shows the PDC & BDC.

[EMAIL PROTECTED] ~]# nmblookup DDESIGN#1C
WARNING: The "printer admin" option is deprecated
querying DDESIGN on 192.168.0.255
192.168.0.4 DDESIGN<1c>
192.168.0.3 DDESIGN<1c>

Only one netbios name can be registered as 1B; this is the PDC

[EMAIL PROTECTED] ~]# nmblookup DDESIGN#1B
WARNING: The "printer admin" option is deprecated
querying DDESIGN on 192.168.0.255
192.168.0.4 DDESIGN<1b>
[EMAIL PROTECTED] ~]#


Regards,
Adrian Sender,

From: Pavan krishna <[EMAIL PROTECTED]>
To: adrian sender <[EMAIL PROTECTED]>
CC: samba@lists.samba.org
Subject: Re: [Samba] Promoting Samba BDC to PDC
Date: Fri, 18 Nov 2005 09:49:39 +1100

Hi Adrian,

Thank you for your reply. Yeah i have done what you have described already, but the problem is that my client machine is not able to detect the BDC, though my testparm on the BDC shows me no errors. And yes the LDAP administrative password is stored in secrets.tdb else i cannot join my client machine to the domain and cannot even make changes to the ldapsam database with the admindn user.

Do you think i need to add something else on the Samba BDC file, following are my configuration settings for the BDC using the replicated ldapsam database.

[global]
   workgroup = testdom
   interfaces = 127.0.0.1/255.255.255.0 192.168.9.238
   printing = cups
   printcap name = cups
   printer admin = @ntadmin, root, administrator
   map to guest = Bad User
   security = user
   encrypt passwords = yes
   allow trusted domains = yes
   server string = Samba Server

add machine script = /usr/sbin/useradd -c Machine -d /var/lib/nobody -s /bin/false %m$

   domain master = no
   admin users = root
     hosts allow=192.168.9. 255.255.255. localhost
     remote announce=192.168.9.255
   domain logons = yes
     preferred master=no
      enhanced browsing=yes
   local master = yes
   unix password sync = no
   passwd program = /bin/passwd %u
   ldap passwd sync = yes
   ldap delete dn = no
   pam password change = yes
   preferred master = yes
   os level = 65
   ldap suffix = dc=dart,dc=com
   ldap user suffix = ou=People
   ldap group suffix = ou=Group
   passdb backend = ldapsam:ldap://localhost
   netbios name = dartlinux
   username map = /etc/samba/smbusers
   logon home = \\%L\%U\.profile
   logon drive = H:
   logon path = \\%L\profiles\%U
   logon script = netlogon.bat
   wins support = yes
   log file = /var/log/samba/log.%m
   log level = 5
   ldap admin dn = uid=root,ou=People,dc=dart,dc=com
   idmap backend = ldap:ldap://localhost
   ldap idmap suffix = ou=Idmap
   ldap machine suffix = ou=Computers

thanks,
pavan.

adrian sender wrote:

Hello Pavan

Firstly have you been following the samba guide - Samba 3 by example by John Terpstra.

Chapter 5.

You must now set the LDAP administrative password into the Samba-3 secrets.tdb file by executing this command:

root#  smbpasswd -w not24get
Setting stored password for "cn=Manager,dc=abmas,dc=biz" in secrets.tdb

Now you must obtain the domain SID from the PDC and store it into the secrets.tdb file also. This step is not necessary with an LDAP passdb backend because Samba-3 obtains the domain SID from the sambaDomain object it automatically stores in the LDAP backend. It does not hurt to add the SID to the secrets.tdb, and if you wish to do so, this command can achieve that:

root#  net rpc getsid MEGANET2
Storing SID S-1-5-21-3504140859-1010554828-2431957765 \
                          for Domain MEGANET2 in secrets.tdb

Regards,

Adrian Sender.


-------------------------------------------------------------------------------

Hi All,

Has any one got an idea of how to make clients automatically find the BDC when the PDC is stopped. Both PDC and BDC are running by Samba authenticating again a LDAPSAM backend replicated on both the PDC with master LDAP database and BDC with replicated LDAP database. But when I stop PDC the clients are not detecting the BDC broadcast. I can see that the replication is of the OpenLDAP data is perfect.

Any idea of where i may be wrong??

thankx in advance.

pavan.
---------------------------------------------------------------------------

--
Pavan Krishna L
Systems Administrator
Diversity Arrays Technology Pty Ltd
Ph:  +61 2 6281 8512
Fax: +61 2 6281 8533
Mob: +61 423 411 281

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba