Hi!
I run a samba server on a tru64 unix system and when I use security=domain I get
som problems that I need help with.
First of all, heres the config file I use:
*SNIP*
[global]
create mask = 664
directory mask = 775
domain logons = yes
encrypt passwords = yes
guest account = <guest account>
hosts allow = <a>.<b>.<c>.
lock directory = /usr/local/samba/var/locks
log file = /usr/local/samba/log.%m
map to guest = Bad User
password server = <pwd server>
security = domain
smb passwd file = /usr/local/samba/private/smbpasswd
workgroup = <workgroup>
[homes]
comment = Home Directory on %L
browseable = no
read only = no
guest ok = no
# And all the shares look somtn like this...
[sharename]
comment = <some nifty comment>
path = <path name>
public = yes
writable = yes
*SNAP*
The pdc in the network is a nt machine. If one boots the nt machine when samba
is running on the tru64 unix machine, it seems like the the tru64 unix machine
becomes the pdc. When users log on on their nt workstations they get a requester
saying:
"A domain controller for your domain could not be contacted. You have been
logged on using cached account information. Changes to your profile since you
last logged on may not be available."
It seems like everything else works as it should for the users. But when I go to
the nt server and start the server manager for example, I get an error requester
(can't remember exactly what it was.....but the server manager doesn't
work 100% until you stop samba on the tru64 unix machine and then reboot the nt
server.....
When you set security = domain does that mean you set the machine samba runs on
to a bdc...or whats wrong?....and how do I fix it ;) ?
Thanks in advance....
/Martin Ejdestig
Hello Martin, On Wed, Feb 21, 2001 at 08:23:21AM +0100, martin.ejdestig@planit.se wrote:> First of all, heres the config file I use: > [global] > [...] > domain logons = yes > encrypt passwords = yes > [...] > password server = <pwd server> > security = domain> The pdc in the network is a nt machine. If one boots the nt machine when > samba is running on the tru64 unix machine, it seems like the the tru64 unix > machine becomes the pdc.In my understanding "domain logon = yes" tells Samba to become a domain controller. As the workgroup setting will be the same as the domain name of your NT PDC they will be rivaling. Just set it to no, if you want the NT to be your PDC in this domain. OTOH it is interesting to understand what happens, when a PDC tries to delegate authentication with security=server/domain. I tried once security=server in order to see whether I could have two domains using the same password server (something like a trust). Regards, Axel. -- Axel.Thimm@physik.fu-berlin.de