Hi all
I have a samba 3.0.21c with OpenLDAP 2.3.19 , as PDC where almost 200
Workstations in the domain, most of my workstations are windows xp, &
2000 professional.
but sometimes some of the system get disjoint from the domain,
if we do ipconfig/flushdns and ipconfig/registerdns and wait for 5
min, and reboot and login, it logs on, ie it doesn't complain that
computer is not in the domain.
All the system get ip through dhcp and dns is configure with dynamic dsn,
both dhcp and named are running on PDC only.
This problem is getting repeatedly.
please guide me
my smb.conf file is
########################smb.conf ############################
[global]
workgroup = msdpl.com
netbios name = medhapdc
passdb backend = ldapsam:ldap://msdpl.com
server string = Domain Controller
hosts allow = 192.168.128. 192.168.129. 192.168.130. 127.
security = user
encrypt passwords = yes
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
interfaces = eth0,lo
printing = cups
disable spoolss = Yes
printcap name = cups
max print jobs = 100
enable privileges = yes
log level = 2
password level = 8
username level = 8
bind interfaces only = yes
local master = Yes
os level = 65
domain master = yes
preferred master = yes
remote browse sync = 192.168.130.3
null passwords = no
hide unreadable = yes
hide dot files = yes
domain logons = yes
logon script = %u.bat
logon path logon drive = X:
logon home wins support = yes
name resolve order = wins lmhosts host bcast
dns proxy = no
time server = yes
log file = /var/log/samba/%m.log
max log size = 50
nt acl support = yes
ldap passwd sync = yes
add user script = /usr/local/sbin/smbldap-useradd -m "%u"
delete user script = /usr/local/sbin/smbldap-userdel "%u"
add machine script = /usr/local/sbin/smbldap-useradd -w "%m"
add group script = /usr/local/sbin/smbldap-groupadd -p "%g"
add user to group script = /usr/local/sbin/smbldap-groupmod -m "%u"
"%g"
delete user from group script = /usr/local/sbin/smbldap-groupmod -x
"%u" "%g"
set primary group script = /usr/local/sbin/smbldap-usermod -g '%g'
'%u'
ldap delete dn = Yes
ldap ssl = no
ldap suffix = dc=msdpl,dc=com
ldap admin dn = cn=manager,dc=msdpl,dc=com
ldap group suffix = ou=Groups
ldap user suffix = ou=People
ldap machine suffix = ou=Computers
ldap idmap suffix = ou=Idmap
ldap timeout = 60
idmap backend = ldap:ldap://msdpl.com
idmap uid = 10000-20000
idmap gid = 10000-20000
check password script = /usr/local/bin/crackcheck -s
map acl inherit = yes
winbind use default domain = yes
template shell = /bin/false
######################################################[Share
Definations]###########################################
[homes]
comment = Home Directories
valid users = %S, root
browseable = no
read only = no
nt acl support = Yes
# Un-comment the following and create the netlogon directory for Domain Logons
[netlogon]
comment = Network Logon Service
path = /netlogon/scripts
guest ok = yes
browseable = yes
write list = root, kr1233
#Profiles Share
[profiles]
comment = Profiles Share
path = /profiles/%U
read only = No
browseable = yes
writeable = yes
veto files = /lost+found/.Trash-root/*.sh/*.scr/.recycle/desktop.ini
#############################################################
my dhcpd.conf file
##########################################dhcpd.conf###############
#########################################dhpcpd.conf############################
default-lease-time 259200;
max-lease-time 259201;
option domain-name "msdpl.com";
option domain-name-servers 192.168.129.20;
option netbios-name-servers 192.168.129.20;
option netbios-node-type 8; ### Node type = Hybrid ###
ddns-updates on; ### Dynamic DNS enabled ###
ddns-update-style interim;
authoritative;
one-lease-per-client true;
subnet 192.168.129.0 netmask 255.255.255.0 {
range dynamic-bootp 192.168.129.30 192.168.129.254;
option subnet-mask 255.255.255.0;
option routers 192.168.129.1;
# ddns-domainname "msdpl.com";
# ddns-rev-domainname "129.168.192.in-addr.arpa";
allow unknown-clients;
# host ns {
# next-server marvin.redhat.com;
# hardware ethernet 12:34:56:78:AB:CD;
# fixed-address 207.175.42.254;
# }
}
#####################################################################
my /etc/named.conf file is
########################/etc/named.conf############################
//
// named.conf for Red Hat caching-nameserver
//
options {
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
forwarders { 192.168.129.18; 192.168.130.3; 192.168.128.3; };
/*
* If there is a firewall between you and nameservers you want
* to talk to, you might need to uncomment the query-source
* directive below. Previous versions of BIND always asked
* questions using port 53, but BIND 8.1 uses an unprivileged
* port by default.
*/
// query-source address * port 53;
};
//
// a caching only nameserver config
//
controls {
inet 127.0.0.1 allow { localhost; } keys { rndckey; };
};
acl msdpl {
192.168.129.0/24;
192.168.128.0/24;
192.168.130.0/24;
};
zone "msdpl.com" IN {
type master;
file "msdpl.com.zone";
notify yes;
allow-query { msdpl; };
allow-transfer { msdpl; };
allow-update { msdpl; };
};
zone "129.168.192.in-addr.arpa" IN {
type master;
file "192.168.129.20.rev";
notify yes;
allow-query { msdpl; };
allow-transfer { msdpl; };
allow-update { msdpl; };
};
zone "130.168.192.in-addr.arpa" IN {
type master;
file "192.168.130.0.rev";
notify yes;
allow-query { msdpl; };
allow-transfer { msdpl; };
allow-update { msdpl; };
};
zone "128.168.192.in-addr.arpa" IN {
type master;
file "192.168.128.0.rev";
notify yes;
allow-query { msdpl; };
allow-transfer { msdpl; };
allow-update { msdpl; };
};
zone "." IN {
type hint;
file "named.ca";
};
zone "localdomain" IN {
type master;
file "localdomain.zone";
allow-update { none; };
};
zone "localhost" IN {
type master;
file "localhost.zone";
allow-update { none; };
};
zone "medhaindia.com" IN {
type master;
file "medhaindia.com.zone";
allow-update { none; };
};
zone "0.0.127.in-addr.arpa" IN {
type master;
file "named.local";
allow-update { none; };
};
zone
"0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa"
IN {
type master;
file "named.ip6.local";
allow-update { none; };
};
zone "255.in-addr.arpa" IN {
type master;
file "named.broadcast";
allow-update { none; };
};
zone "0.in-addr.arpa" IN {
type master;
file "named.zero";
allow-update { none; };
};
include "/etc/rndc.key";
######################################################################################################
Regards
Niranjan
