Hi Jason,
The problem is here:
logon path = \\%L\profiles\%U
With the %L it is refering to your local machine, therefore all your account
in ldap are mapping profiles to local host. When the BDC serves a login it
tries to map profile to local host.
You will need to change this to a machine name or better export your home
and profiles from the pdc to bdc through nfs.
So login path = \\machine.domain.com\profiles\%U
If you choose not to export ur profile and home to the bdc, you will need
to manually alter login path for all the user accounts that are stored in
ldap; use pdbedit or whatever u normally use to manipulate user account to
acheive this.
Hope this helps.
Cheers,
Adrian Sender
From: Jason Baker <[EMAIL PROTECTED]>
To: [email protected]
Subject: [Samba] Backup Domain not working
Date: Thu, 31 May 2007 08:46:42 -0400
I recently set up a backup domain controller using Samba 3.0.23. I have a
Samba PDC already running, and all is working fine, but once I added the
BDC, now when people log in to their windows account, their home directory
is now being mapped to their home on the BDC (which is empty) instead of
the PDC. Conf files from each below:
PDC Samba Conf:
[global]
unix charset = LOCALE
workgroup = mydomain
netbios name = PDC
server string = Domain Controller running %v
interfaces = eth1, lo
bind interfaces only = yes
os level = 255
preferred master = yes
local master = yes
domain master = yes
security = user
time server = yes
username map = /etc/samba/smbusers
wins support = yes
encrypt passwords = yes
pam password change = yes
name resolve order = wins bcast hosts
winbind nested groups = no
passdb backend = ldapsam:"ldap://127.0.0.1 ldap://BDC";
ldap passwd sync = Yes
ldap suffix = dc=mydomain,dc=com
ldap admin dn = cn=Manager,dc=mydomain,dc=com
ldap ssl = no
ldap group suffix = ou=Groups
ldap user suffix = ou=People
ldap machine suffix = ou=People
ldap idmap suffix = ou=Idmap
idmap backend = ldap:ldap://127.0.0.1/
idmap uid = 10000-20000
idmap gid = 10000-20000
map acl inherit = yes
add user script = /etc/smbldap-tools/smbldap-useradd -m "%u"
#delete user script = /etc/smbldap-tools/smbldap-userdel "%u"
add machine script = /etc/smbldap-tools/smbldap-useradd -w "%u"
add group script = /etc/smbldap-tools/smbldap-groupadd -p "%g"
#delete group script = /etc/smbldap-tools/smbldap-groupdel "%g"
add user to group script = /etc/smbldap-tools/smbldap-groupmod -m
"%u" "%g"
delete user from group script = /etc/smbldap-tools/smbldap-groupmod
-x "%u" "%g"
set primary group script = /etc/smbldap-tools/smbldap-usermod -g
"%g" "%u"
domain logons = yes
log file = /var/log/samba/log.%m
log level = 1
syslog = 0
max log size = 50
#smb ports = 139 445
smb ports = 139
hosts allow = 127.0.0.1 172.16.0.0/255.255.0.0
# User profiles and home directories
logon drive = U:
logon path = \\%L\profiles\%U
logon script = %U.bat
large readwrite = no
read raw = no
write raw = no
printcap name = /etc/printcap
load printers = no
printing =
template shell = /bin/false
winbind use default domain = no
BDC Samba Conf.
[global]
unix charset = LOCALE
workgroup = mydomain
server string = Backup Domain Controller
security = domain
username map = /etc/samba/smbusers
log level = 1
syslog = 0
log file = /var/log/samba/%m.log
max log size = 50
smb ports = 139
name resolve order = wins bcast hosts
wins server = 172.16.24.7
ldap suffix = dc=mydomain,dc=com
ldap machine suffix = ou=People
ldap user suffix = ou=People
ldap group suffix = ou=Groups
ldap idmap suffix = ou=Idmap
ldap admin dn = cn=Manager,dc=mydomain,dc=com
idmap backend = ldap:ldap://PDC
idmap uid = 10000-20000
idmap gid = 10000-20000
winbind trusted domains only = yes
password server = 172.16.24.7
template shell = /bin/false
domain master = no
local master = no
os level = 0
preferred master = no
winbind use default domain = no
veto oplock files = /*.mbd/
large readwrite = no
read raw = no
write raw = no printcap name = /etc/printcap
load printers = no
printing =
*Jason Baker
*/IT Coordinator/
*Glastender Inc.*
5400 North Michigan Road
Saginaw, Michigan 48604 USA
800.748.0423
Phone: 989.752.4275 ext. 228
Fax: 989.752.4444
www.glastender.com <http://www.glastender.com>
-----BEGIN GEEK CODE BLOCK-----
Version: 3.1
GIT$ d- s: a C++$ LU+++$ P+ L++>L++++ !E--- W+++ N o? K?
w !O M !V PS PE++ Y? PGP- t 5? X+ R+ tv+ b- DI-- D++ G e+ h---
r+++ y+++
------END GEEK CODE BLOCK------
_________________________________________________________________
Advertisement: Are you paid what you're worth? Find out: SEEK Salary Centre
http://a.ninemsn.com.au/b.aspx?URL=http%3A%2F%2Fninemsn%2Eseek%2Ecom%2Eau%2Fcareer%2Dresources%2Fsalary%2Dcentre%2F%3Ftracking%3Dsk%3Ahet%3Asc%3Anine%3A0%3Ahot%3Atext&_t=764565661&_r=june07_endtext_salary&_m=EXT
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba
