Bryan K. Walton
2004-Oct-01 19:22 UTC
[Samba] Member server won't authenticate against Samba BDC
For the last few years, we have had a NT4 PDC (without a BDC). This week I undertook the process of builing a Samba BDC running Debian linux. This new BDC is running samba version 3.0.7. After setting up the box, I copied all of the user, group, and machine accounts over to the new bdc, using "net rpc vampire". The BDC is up and running and I see everybody authenticating against it. I would like to make it the PDC, and take down our old NT domain controller, but I have one samba member server (running Samba 3.0.4) that insists on authenticating users against the old nt controller (wecc-server) and I can't figure out how to make it stop. Oh, I should also mention that the new BDC is using a tdbsam backend. The member server (amanda) has unix and smbpasswd accounts in the BDC (jerry) that I "vampired" from wecc-server. Here is an excerpt from Amanda's smb.conf: workgroup = WECC-DOMAIN security = domain password server = jerry, wecc-server And here is an excerpt from Jerry's smb.conf: workgroup = WECC-DOMAIN os level = 34 local master = Yes preferred master = Yes domain master = No If I promote Jerry to a PDC from a BDC, and then shut down the old NT domain controller, none of our employees can connect to any shares on Amanda. When they try, they get a message: "There are currently no logon servers available to service the logon request." Now, I've also tried removing the "wecc-server" listing from Amanda's "password server =" line in its smb.con, in addition to the above steps, but it doesn't make any difference. Can anybody tell me what might be wrong here? I'm sure I'm missing something but have run out of ideas. In the meantime, I keep the old NT domain controller up and running. Please let me know if there are other parts of the smb.conf files that you would like to see. Much thanks!! Bryan Walton
Bryan K. Walton
2004-Oct-01 21:51 UTC
[Samba] Member server won't authenticate against Samba BDC
Just fixed it, had to restart winbind daemon on the member server. The solution was right in front of me the entire time. Sorry. -Bryan On Fri, Oct 01, 2004 at 02:22:08PM -0500, Bryan K. Walton wrote:> For the last few years, we have had a NT4 PDC (without a BDC). > This week I undertook the process of builing a Samba BDC running > Debian linux. This new BDC is running samba version 3.0.7. After > setting up the box, I copied all of the user, group, and machine > accounts over to the new bdc, using "net rpc vampire". > > The BDC is up and running and I see everybody authenticating against > it. I would like to make it the PDC, and take down our old NT domain > controller, but I have one samba member server (running Samba 3.0.4) > that insists on authenticating users against the old nt controller > (wecc-server) and I can't figure out how to make it stop. Oh, I should > also mention that the new BDC is using a tdbsam backend. > > The member server (amanda) has unix and smbpasswd accounts in the BDC > (jerry) that I "vampired" from wecc-server. Here is an excerpt from > Amanda's smb.conf: > > workgroup = WECC-DOMAIN > security = domain > password server = jerry, wecc-server > > And here is an excerpt from Jerry's smb.conf: > > workgroup = WECC-DOMAIN > os level = 34 > local master = Yes > preferred master = Yes > domain master = No > > > If I promote Jerry to a PDC from a BDC, and then shut down the old NT > domain controller, none of our employees can connect to any shares on > Amanda. When they try, they get a message: > > "There are currently no logon servers available to service the logon > request." Now, I've also tried removing the "wecc-server" listing from > Amanda's "password server =" line in its smb.con, in addition to the > above steps, but it doesn't make any difference. > > Can anybody tell me what might be wrong here? I'm sure I'm missing > something but have run out of ideas. In the meantime, I keep the old NT > domain controller up and running. Please let me know if there are > other parts of the smb.conf files that you would like to see. > > Much thanks!! > Bryan Walton > -- > To unsubscribe from this list go to the following URL and read the > instructions: http://lists.samba.org/mailman/listinfo/samba-- Bryan K. Walton Wisconsin Energy Conservation Corporation GnuPG Key fingerprint = 42FC 3177 3E63 2490 DF3F 68A1 B565 120C 1EE1 8F37