I have a Samba PDC setup using LDAP as the passdb. I want to add another Samba server to the mix. I believe I want to add it in as a Domain Server; however, I can't seem to get it working.
On the PDC server I am running:
- linux (2.6.latest)
- openldap (latest)
- samba (3.latest)
- nss

On the Domain Server I am running:
- samba (latest 3.latest)
- nss

I thought someone might see something obvious in my smb.conf (particularly the second one below for the domain server). I am going to try starting from scratch tomorrow and any advice is appreciated.

Thanks in advance,
Chris....

==================================================================
SMB.CONF for the PDC

[global]
workgroup = SFS1
netbios name = SFSPDC
encrypt passwords = Yes
hide dot files = Yes
null passwords = Yes
enable privileges = yes
interfaces = 192.168.0.28
server string = SFSMAIL PDC
security = user
local master = yes
os level = 33
hosts allow = 192.168.0. 127.
loglevel = 2
log file = /var/log/samba/log.%m
debug timestamp = yes
domain master = yes
domain logons = yes
#winbind use default domain=yes
logon path =
wins support = yes
passdb expand explicit = no
ldap passwd sync = Yes
passdb backend = ldapsam:"ldap://127.0.0.1/ ldap://itsolut.com/"
ldap admin dn = cn=admin,dc=com
ldap suffix = ou=sfsmail,dc=com
ldap group suffix = ou=Groups
ldap user suffix = ou=people
ldap machine suffix = ou=Computers
ldap idmap suffix = ou=people
#ldap idmap suffix = ou=Idmap
#idmap backend = ldap://itsolut.com
#idmap uid = 2000 - 3000
#idmap gid = 2000 - 3000
#ldap ssl = start_tls
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
add machine script = /usr/sbin/smbldap-useradd -w %u
add user script = /usr/sbin/smbldap-useradd -m "%u"
ldap delete dn = Yes
add group script = /usr/sbin/smbldap-groupadd -p "%g"
add user to group script = /usr/sbin/smbldap-groupmod -m "%u" "%g"
delete user from group script = /usr/sbin/smbldap-groupmod -x "%u" "%g"
set primary group script = /usr/sbin/smbldap-usermod -g "%g" "%u"

[homes]
comment = Home Directories
valid users = %U
read only = No
create mask = 0664
directory mask = 0775
browseable = No
writeable = yes
path = /home/samba/users/%U

[netlogon]
path = /home/samba/netlogon
browseable = no
guest ok = yes
read only = yes

==================================================================
NSSWITCH.CONF for PDC

passwd: files ldap
group: files ldap
shadow: files ldap
publickey: files
hosts: files dns
networks: files
protocols: db files
services: db files
ethers: db files
rpc: db files
netgroup: db files

==================================================================
SMB.CONF for Domain Server

[global]
workgroup = SFS1
server string = SFS STORAGE SERVER
netbios name = storage1
security = domain
password server = 192.168.0.28
encrypt passwords = Yes
hosts allow = 192.168.0. 127.
log file = /var/log/samba/log.%m
loglevel = 3
max log size = 50
debug timestamp = yes
;password server = 192.168.0.28
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
interfaces = 192.168.0.25
; local master = no
; os level = 33
domain master = no
; preferred master = yes
; domain logons = yes
; wins support = yes
wins server = 192.168.0.28
wins proxy = yes
passdb expand explicit = no
ldap passwd sync = Yes
passdb backend = ldapsam:"ldap://192.168.0.28/"
ldap admin dn = cn=admin,dc=com
ldap suffix = ou=sfsmail,dc=com
ldap group suffix = ou=Groups
ldap user suffix = ou=people
ldap machine suffix = ou=Computers
ldap idmap suffix = ou=Idmap
#idmap backend = ldap:ldap://192.168.0.28
#idmap uid = 10000-20000
#idmap gid = 10000-20000
add machine script = /usr/sbin/smbldap-useradd -w %u
add user script = /usr/sbin/smbldap-useradd -m "%u"
ldap delete dn = Yes
add group script = /usr/sbin/smbldap-groupadd -p "%g"
add user to group script = /usr/sbin/smbldap-groupmod -m "%u" "%g"
delete user from group script = /usr/sbin/smbldap-groupmod -x "%u" "%g"
set primary group script = /usr/sbin/smbldap-usermod -g "%g" "%u"

==================================================================
NSSWITCH.CONF for Domain Server

passwd: files ldap
group: files ldap
shadow: files ldap
publickey: files
hosts: files dns
networks: files
protocols: db files
services: db files
ethers: db files
rpc: db files
netgroup: db files
