samba - Nov 1997 - More than one password server?

Hi,

HP-UX 10.20 samba 1.9.17p4
>From the smb.conf (5) I read :
 If you list several hosts in the "password server" option then smbd
      will try each in turn till it finds one that responds. This is useful
      in case your primary server goes down.

Here's smb.conf global section

workgroup = OUR_WORKGROUP_NAME
wins support = no
wins server = IP.ADDRESS.OF.MACHINEA
domain master = no
local master = yes
preferred master = no
os level = 1
mangle case = no
case sensitive = yes
preserve case = yes
server string = %h Samba %v - Matt Foster
time server = true 
print command = lp -d%p %s
lpq command = lpstat %p
lprm command = cancel %p
security = server
password server = machinea machineb
syslog only = yes
syslog = 1
debug level = 2


MachineA is the PDC of an NT domain.
MachineB is the PDC of another NT domain (no trust relationships).

It appears that only the first one is tried, in the above example I can
log into domaina, but not domainb.  If I swap it around the reverse is true.
The appropriate "dummy" entries are setup in /etc/passwd.

Anyone got this to work, or have any ideas?

Otherwise it's working remarkabley well.  

Cheers

Matt

On Sat, 8 Nov 1997, Matt Foster wrote:
> 
> Hi,
> 
> HP-UX 10.20 samba 1.9.17p4
> 
> >From the smb.conf (5) I read :
> 
>  If you list several hosts in the "password server" option then
smbd
>       will try each in turn till it finds one that responds. This is useful
>       in case your primary server goes down.
> 
> Here's smb.conf global section
> 
> workgroup = OUR_WORKGROUP_NAME
> wins support = no
> wins server = IP.ADDRESS.OF.MACHINEA
> domain master = no
> local master = yes
> preferred master = no
> os level = 1
> mangle case = no
> case sensitive = yes
> preserve case = yes
> server string = %h Samba %v - Matt Foster
> time server = true 
> print command = lp -d%p %s
> lpq command = lpstat %p
> lprm command = cancel %p
> security = server
> password server = machinea machineb
> syslog only = yes
> syslog = 1
> debug level = 2
> 
> 
> MachineA is the PDC of an NT domain.
> MachineB is the PDC of another NT domain (no trust relationships).
> 
> It appears that only the first one is tried, in the above example I can
> log into domaina, but not domainb.  If I swap it around the reverse is
true.
> The appropriate "dummy" entries are setup in /etc/passwd.
ok, try adding some debug info inside server.c:server_cryptkey(), and see 
if it actually tries both password servers, ok?

like this:

@server.c some_context_diff_stuff:-)

  standard_sub_basic(desthost);
  strupper(desthost);

+ DEBUG(4,("server_cryptkey: attempt connection to password server
%s\n",
		desthost));

  dest_ip = *interpret_addr2(desthost);


<a href="mailto:lkcl@switchboard.net"  > Luke Kenneth Casson
Leighton </a>
<a href="http://mailhost.cb1.com/~lkcl"> Lynx2.7-friendly Home
Page   </a>
<br><b> "Apply the Laws of Nature to your environment because
your
         environment applies the Laws of Nature to you"              
</b>

OkDokie

I guess you meant password.c :)

Here we go, put the pw server for the domain I'm not in first.
And don't get authenticated :(
Here is the debug from log.smb
(I've blanked IP addresses)

netbios connect: name1=CHARITY          name2=TWILIGHT       
11/07/97 16:23:38 Transaction 1 of length 174
switch message SMBnegprot (pid 6179)
Requested protocol [PC NETWORK PROGRAM 1.0]
Requested protocol [XENIX CORE]
Requested protocol [MICROSOFT NETWORKS 1.03]
Requested protocol [LANMAN1.0]
Requested protocol [Windows for Workgroups 3.1a]
Requested protocol [LM1.2X002]
Requested protocol [LANMAN2.1]
Requested protocol [NT LM 0.12]
server_cryptkey: trying pw server TCC-DL01 <- The debug code added
Connecting to X.X.X.X at port 139
connected to password server tcc-dl01
got session
password server OK
using password server validation
Selected protocol NT LM 0.12
11/07/97 16:23:38 Transaction 2 of length 196
switch message SMBsesssetupX (pid 6179)
Domain=[DLV-MASTER]  NativeOS=[Windows NT 1381] NativeLanMan=[]
sesssetupX:name=[fm2503]
password server TCC-DL01 rejected the password
Checking password for user fm2503 (l=24)
11/07/97 16:23:41 error packet at line 537 cmd=115 (SMBsesssetupX) eclass=2 ecod
e=2
end of file from client
Closing connections

-----Original Message-----
From:   lkcl@switchboard.net 
Sent:   Friday, November 07, 1997 2:51 PM
To:     Matt Foster
Cc:     samba@samba.anu.edu.au
Subject:        Re: More than one password server?


ok, try adding some debug info inside server.c:server_cryptkey(), and see
if it actually tries both password servers, ok?

like this:

@server.c some_context_diff_stuff:-)

  standard_sub_basic(desthost);
  strupper(desthost);

+ DEBUG(4,("server_cryptkey: attempt connection to password server
%s\n",
          desthost));

  dest_ip = *interpret_addr2(desthost);


<a href="mailto:lkcl@switchboard.net"  > Luke Kenneth Casson
Leighton </a>
<a href="http://mailhost.cb1.com/~lkcl"> Lynx2.7-friendly Home
Page   </a>
<br><b> "Apply the Laws of Nature to your environment because
your
         environment applies the Laws of Nature to you"              
</b>