Adrian,
In your smb.conf in bdc there is domain master = no ?
Adrian A. Sender wrote:
Hello Ryan,
As you are using PDC / BDC you are using LDAP arnt you?
You have not provided much information, so its very hard to know where to even
start.
Assuming that users are been replicated to the BDC via LDAP slurpd, you may want to
check the following;
"net getlocalsid" on the PDC
Verify that this matches the BDC "net getlocalsid" ..
If not on the BDC "net setlocalsid S-1-5-21-x-y-z"
Failing this remove your ldap database on the BDC (backup first)
"slapcat -v -l transfer.ldif" on PDC
Copy to BDC
rm -rf /var/lib/ldap/*
On BDC
"slapadd -v -l transfer.ldif on BDC"
All this is clearly explained in the documentation available on the samba web
site.
Let me know if this helps.
Cheers,
Adrian Sender
From: "ryan punt" <[EMAIL PROTECTED]>
Subject: [Samba] PDC/BDC problem - clients not authenticating against BDC
Date: Tue, 21 Nov 2006 09:17:41 -0600
To: <[email protected]>
Hey list,
I've got a problem with my PDC/BDC setup. They're both running 3.0.23c on Sarge, and
I've verified that both the PDC and BDC will authenticate users.
test-pdc:/etc/samba# testparm
Load smb config files from /etc/samba/smb.conf
Processing section "[netlogon]"
Loaded services file OK.
Server role: ROLE_DOMAIN_PDC
test-bdc:/var/log/samba# testparm
Load smb config files from /etc/samba/smb.conf
Processing section "[netlogon]"
Loaded services file OK.
Server role: ROLE_DOMAIN_BDC
My PDC is also my WINS server, and I've verified that XP clients on other subnets see
two "DOMAIN#1c" records.
The problem I'm having is this: When SMBD on the PDC stops, XP clients will no longer
authenticate; the specific error is "the system cannot log you on now because the
domain GSS is not available." NMBD is still running, and XP clients still see 2 "#1c"
records.
How can I ensure that XP clients will authenticate against the BDC if the PDC is
unavailable?
Thanks,
Ryan
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba
