Matthias Eichler
2004-Mar-24 14:26 UTC
[Samba] members server cant find bdc for logon service
Dear List, we've the following setup: login: PDC (Samba + Master LDAP with Slave LDAP) appserver: BDC (Samba + Master LDAP with Slave LDAP) fileserver: Samba domain member server Everything is running with Samba3 and OpenLDAP2 The following problem: when the PDC is not available (test shutdown) the clients can log into the domain (netlogon- script is running from BDC), but the fileserver is not authorizing the client access due to: NO_LOGON_SERVER_FOUND Some parts of the configs: 1) PDC: ---cut--- #SECURITY encrypt passwords = true guest account = nobody obey pam restrictions = no admin users = @domadmins add machine script = /usr/local/sbin/smbldap-useradd.pl -w -g smb-machines -s /bin/false %m unix password sync = yes #passwd program = /usr/local/sbin/smbldap-passwd.pl -o %u passwd program = /usr/local/sbin/smbldap-passwd.pl %u passwd chat = *New\spassword\s:* %n\n *Retype\snew\spassword* %n\n *successfully* #FEATURES panic action = /usr/share/samba/panic-action %d wins support = yes dns proxy = no preferred master = yes local master = yes time server = yes os level = 67 #DOMAIN STUFF domain master = yes domain logons = yes ---cut--- 2) BDC: ---cut--- #SECURITY encrypt passwords = true guest account = nobody obey pam restrictions = no admin users = @domadmins add machine script = /usr/local/sbin/smbldap-useradd.pl -w -g smb-machines -s /bin/false %m unix password sync = yes #passwd program = /usr/local/sbin/smbldap-passwd.pl -o %u passwd program = /usr/local/sbin/smbldap-passwd.pl %u passwd chat = *New\spassword\s:* %n\n *Retype\snew\spassword* %n\n *successfully* #FEATURES panic action = /usr/share/samba/panic-action %d wins support = yes dns proxy = no preferred master = no local master = yes time server = yes os level = 65 #DOMAIN STUFF domain master = no domain logons = yes ---cut--- 3) FILESERVER: ---cut--- #SECURITY null passwords = no admin users = @domadmins encrypt passwords = true guest account = nobody obey pam restrictions = no security = domain password server = LOGIN, APPSERVER #FEATURES panic action = /usr/share/samba/panic-action %d nt acl support = yes wins support = no wins proxy = no wins server = 10.1.1.1 10.1.1.10 dns proxy = no local master = no preferred master = no #DOMAIN STUFF domain master = no domain logons = no ---cut--- Thanks for all help, Matthias
Matthias Eichler wrote:> members server cant find bdc for logon serviceHello, I have exactly the same problem you have. I wonder i you found a solution. I came to the conclusion it is a bug in Samba. I have a setup very similar to yours (Samba PDC and BDC). If I have a Windows member server I can mount its shares with the PDC down, but if the member server is Samba then I can't mount its shares bacause it refuses to authenticate against the BDC. The worst part is that tried changing the PDC into a BDC setting domain master = no and it does work (with the former BDC down). I tried with the following versions: 3.0.1, 3.0.2a, 3.0.3pre2 and none of them worked. I even tried with 2.2.8a and it also didn't work.