Christian Brandes
2007-Oct-05 12:21 UTC
[Samba] security = domain -- samba adds its netbios name as samba domain to LDAP
Hi!

I am running a RedHat Cluster with Samba shares that can failover to other nodes. On every node there is one Samba instance running permanently and acting as BDC (BDC instance) for my Samba domain, that binds to the physical network interfaces of the node.

When starting a samba resource on a cluster node, I mount the corresponding file system from SAN on that node and start another instance of Samba. Each share instance has its own config-, log- and pid-files and binds to a virtual network interface that is created by the cluster. For the share instances I set "security = domain" to let this instance authenticate against one of the BDC instances.

When starting a share instance, it looks for its samba domain in LDAP; when it does not find it, it creates it. The problem is: It takes its netbios name as domain name and not the workgroup as supposed. The samba domain should be "mycompany" as stated in workgroup and not "USER" as stated in netbios name!

I am running:
Ubuntu 7.04 with 2.6.20-16-server kernel
3.0.24-2ubuntu1.2 (included in Ubuntu distribution)

log.smbd:

[2007/10/05 14:03:38, 2] lib/smbldap_util.c:smbldap_search_domain_info(219)
  smbldap_search_domain_info: Searching for:[(&(objectClass=sambaDomain)(sambaDomainName=USER))]
[2007/10/05 14:03:38, 2] lib/smbldap.c:smbldap_open_connection(788)
  smbldap_open_connection: connection opened
[2007/10/05 14:03:38, 3] lib/smbldap.c:smbldap_connect_system(992)
  ldap_connect_system: succesful connection to the LDAP server
[2007/10/05 14:03:38, 3] lib/smbldap_util.c:smbldap_search_domain_info(241)
  smbldap_search_domain_info: Got no domain info entries for domain
[2007/10/05 14:03:38, 3] lib/smbldap_util.c:add_new_domain_info(130)
  add_new_domain_info: Adding new domain
[2007/10/05 14:03:38, 2] lib/smbldap_util.c:add_new_domain_info(195)
  add_new_domain_info: added: domain = USER in the LDAP database
[2007/10/05 14:03:38, 3] lib/smbldap_util.c:add_new_domain_account_policies(43)
  add_new_domain_account_policies: Adding new account policies for domain
[2007/10/05 14:03:38, 2] lib/smbldap_util.c:smbldap_search_domain_info(219)
  smbldap_search_domain_info: Searching for:[(&(objectClass=sambaDomain)(sambaDomainName=USER))]

My smb.conf for the share instance:

[global]
workgroup = mycompany
netbios name = user
server string = %L-%h
wins server = 192.168.2.235
dns proxy = yes
pid directory = /var/run/samba/%L/
lock directory = /var/run/samba/%L/locks
interfaces = 192.168.6.236 192.168.1.236
bind interfaces only = true
log file = /SERVICE/samba/var/log/samba/%L/log.%m
log level = 3
max log size = 1000
syslog = 0
panic action = /usr/share/samba/panic-action "%h-%L: %d"
security = domain
password server = vserver server1 server2 server3 server4
encrypt passwords = true
obey pam restrictions = yes
guest account = nobody
unix password sync = yes
passwd program = /usr/bin/passwd %u
passwd chat = "*New password:*" %n\n "*Re-enter new password:*" %n\n "*LDAP password information changed for*"
passwd chat debug = yes
domain logons = no
local master = no
os level = 60
domain master = no
preferred master = no
logon path
logon drive
passdb backend = ldapsam:ldap://192.168.6.229/
ldap admin dn = cn=administrator,dc=mylocation,dc=mycompany
ldap suffix = dc=mylocation,dc=mycompany
ldap group suffix = ou=Group
ldap user suffix = ou=User
ldap machine suffix = ou=Machine
load printers = no
printcap name = /dev/null
disable spoolss = yes
socket options = TCP_NODELAY
idmap domains = mycompany
#Cache
aio read size = 0
aio write size = 0
blocking locks = yes
fake oplocks = no
kernel oplocks = yes
level2 oplocks = no
oplocks = no
posix locking = yes
strict locking = no
strict sync = no
sync always = no
write cache size = 0
#Shares
[USER]
comment = Benutzerdaten
path = /USER
browseable = yes
read only = no
read only = No
guest ok = Yes
hide dot files = No

Any ideas? I would be glad for some help.

Best regards
Christian
Volker Lendecke
2007-Oct-05 12:30 UTC
[Samba] security = domain -- samba adds its netbios name as samba domain to LDAP
On Fri, Oct 05, 2007 at 02:11:23PM +0200, Christian Brandes wrote:
> The samba domain should be "mycompany" as stated in workgroup and not
> "USER" as stated in netbios name!

Works as designed. Every box has a SAM of its own.

Volker
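Added example, not part of either post and not Samba project code: a small log.smbd audit that lists the sambaDomain entries an instance searched for or created in LDAP and labels each one against that instance's workgroup and netbios name. The function names are hypothetical; the sample log reuses three records from the post plus one constructed record.

```python
import re

# Records 1-3 are copied from the log in the post; record 4 is constructed.
SAMPLE_LOG = """\
[2007/10/05 14:03:38, 2] lib/smbldap_util.c:smbldap_search_domain_info(219)
  smbldap_search_domain_info: Searching for:[(&(objectClass=sambaDomain)(sambaDomainName=USER))]
[2007/10/05 14:03:38, 3] lib/smbldap_util.c:smbldap_search_domain_info(241)
  smbldap_search_domain_info: Got no domain info entries for domain
[2007/10/05 14:03:38, 2] lib/smbldap_util.c:add_new_domain_info(195)
  add_new_domain_info: added: domain = USER in the LDAP database
[2007/10/05 14:09:02, 2] lib/smbldap_util.c:smbldap_search_domain_info(219)
  smbldap_search_domain_info: Searching for:[(&(objectClass=sambaDomain)(sambaDomainName=MYCOMPANY))]
"""

# A record is a header line "[timestamp, level] file:function(line)"
# followed by one or more indented message lines.
HEADER = re.compile(
    r"^\[(?P<ts>\d{4}/\d\d/\d\d \d\d:\d\d:\d\d),\s*\d+\]\s+\S+:(?P<func>\w+)\(\d+\)\s*$")
PATTERNS = {
    "add_new_domain_info":
        ("added", re.compile(r"added: domain = (\S+) in the LDAP database")),
    "smbldap_search_domain_info":
        ("searched", re.compile(r"\(sambaDomainName=([^)]+)\)")),
}

def domain_events(log_text):
    """Yield (timestamp, kind, domain) for each sambaDomain search or add."""
    header = None
    for line in log_text.splitlines():
        m = HEADER.match(line)
        if m:
            header = m
            continue
        kind_rx = PATTERNS.get(header.group("func")) if header else None
        hit = kind_rx[1].search(line) if kind_rx else None
        if hit:
            yield header.group("ts"), kind_rx[0], hit.group(1)

def classify(domain, workgroup, netbios_name):
    """Label a sambaDomainName relative to the instance's smb.conf values."""
    if domain.upper() == workgroup.upper():
        return "workgroup"
    if domain.upper() == netbios_name.upper():
        return "local SAM (netbios name)"
    return "unknown"

def audit(log_text, workgroup, netbios_name):
    """Return (timestamp, domain, label) for every sambaDomain entry created."""
    return [(ts, dom, classify(dom, workgroup, netbios_name))
            for ts, kind, dom in domain_events(log_text) if kind == "added"]

if __name__ == "__main__":
    for row in audit(SAMPLE_LOG, "mycompany", "user"):
        print(*row, sep="  ")
```

Run per instance with the workgroup and netbios name from that instance's smb.conf; an "unknown" label means the entry matches neither value and deserves a closer look in the directory.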