Re: [Samba] Migrated PDC to new server

Wed, 28 Jun 2006 11:38:08 -0700 

anyone ?

Matt Ingram wrote:
I just migrated my SMB pdc to a new server (was running 3.0.21c, now 3.0.22). Some things seems to be ok. net rpc list; net rpc testjoin seem to work. But if I attempt to join a windows system to the domain I get "The following error occured while attempting to join to domain "DOMAINNAME": The user name could not be found". The machine name is getting loaded into ldap. 


LDAP seems to be fine, getent passwd/group returns all the ldap users; 
net groupmap list returns all the groups. I can shell in with ldap 
accounts/



I copied the old server's /etc/samba to the new server and I set the 
new servers SID to be that of the old server.



Also, I have a logon script on my BDC and my PDC.  The BDC script runs 
on the client boot up, but the PDC one isn't running.


Any ideas?

SMB.CONF
[global]
       workgroup = DOMAINNAME
       netbios name = HOME
       server string = HOME
       passdb backend = ldapsam:ldap://ldap.domain
       username map = /etc/samba/smbusers
       printcap name = cups
       enable privileges = Yes
       log level = 2
       add user script = /usr/local/sbin/smbldap-useradd -m '%u'
       delete user script = /usr/local/sbin/smbldap-userdel %u
       add group script = /usr/local/sbin/smbldap-groupadd -p '%g'
       delete group script = /usr/local/sbin/smbldap-groupdel '%g'

       add user to group script = /usr/local/sbin/smbldap-groupmod -m 
'%u' '%g'
       delete user from group script = 
/usr/local/sbin/smbldap-groupmod -x '%u' '%g'
       set primary group script = /usr/local/sbin/smbldap-usermod -g 
'%g' '%u'

       add machine script = /usr/local/sbin/smbldap-useradd -w '%u'
       logon script = scripts\logon.bat
#       logon path = \\%L\Profiles\%U
       logon path =
       logon drive = H:
       logon home = \\%L\%U
       domain logons = Yes
       os level = 65
       preferred master = Yes
       domain master = Yes
       wins server = 172.30.30.25
       ldap suffix = ou=Accounts,dc=company,dc=com
       ldap machine suffix = ou=Computers
       ldap user suffix = ou=People
       ldap group suffix = ou=Posix,ou=Groups
       ldap idmap suffix = ou=idmap
       ldap admin dn = cn=Manager,dc=company,dc=com
       ldap ssl = no
       ldap passwd sync = No
#       idmap uid = 15000-20000
#       idmap gid = 15000-20000
       printing = cups
       map acl inherit = Yes


here's my log.smbd when I tried to add the computer:

[2006/06/23 11:28:27, 2] smbd/sesssetup.c:setup_new_vc_session(772)

 setup_new_vc_session: New VC == 0, if NT4.x compatible we would close 
all old resources.

[2006/06/23 11:28:27, 2] smbd/sesssetup.c:setup_new_vc_session(772)

 setup_new_vc_session: New VC == 0, if NT4.x compatible we would close 
all old resources.

[2006/06/23 11:28:27, 2] lib/smbldap.c:smbldap_open_connection(722)
 smbldap_open_connection: connection opened
[2006/06/23 11:28:27, 2] passdb/pdb_ldap.c:init_sam_from_ldap(640)
 init_sam_from_ldap: Entry found for user: root
[2006/06/23 11:28:27, 2] passdb/pdb_ldap.c:init_group_from_ldap(2215)
 init_group_from_ldap: Entry found for group: 512
[2006/06/23 11:28:27, 2] auth/auth.c:check_ntlm_password(307)

 check_ntlm_password:  authentication for user [Administrator] -> 
[root] -> [root] succeeded

[2006/06/23 11:28:28, 2] smbd/server.c:exit_server(614)
 Closing connections
[2006/06/23 11:28:28, 2] smbd/sesssetup.c:setup_new_vc_session(772)

 setup_new_vc_session: New VC == 0, if NT4.x compatible we would close 
all old resources.

[2006/06/23 11:28:28, 2] smbd/sesssetup.c:setup_new_vc_session(772)

 setup_new_vc_session: New VC == 0, if NT4.x compatible we would close 
all old resources.

[2006/06/23 11:28:28, 2] lib/smbldap.c:smbldap_open_connection(722)
 smbldap_open_connection: connection opened
[2006/06/23 11:28:28, 2] passdb/pdb_ldap.c:init_sam_from_ldap(640)
 init_sam_from_ldap: Entry found for user: root
[2006/06/23 11:28:28, 2] passdb/pdb_ldap.c:init_group_from_ldap(2215)
 init_group_from_ldap: Entry found for group: 512
[2006/06/23 11:28:28, 2] auth/auth.c:check_ntlm_password(307)

 check_ntlm_password:  authentication for user [Administrator] -> 
[root] -> [root] succeeded
[2006/06/23 11:28:29, 2] 
rpc_server/srv_samr_nt.c:_samr_lookup_domain(2670)
 Returning domain sid for domain DOMAINNAME -> 
S-1-5-21-3186883984-1813041273-1898769360

[2006/06/23 11:28:30, 2] smbd/server.c:exit_server(614)
 Closing connections

thanks in advance.






--
Matt Ingram
Intermediate Unix Administrator, IS
Canadian Bank Note Company, Limited
\m/

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba






















					Reply via email to