Gidday
I am in the process of finishing a server migration (to a new server),
and am having problems with samba on the new server. The old server
was running samba 3.0.22-r3 on a Gentoo machine, and the new server is
running Samba 3.0.25a on a Solaris 10 machine. I have copied the files
across OK, I have copied the samba configuration OK, samba runs fine,
connects to the ldap backend fine, seems to check passwords fine, and
even lets me connect to the file shares just fine.
The problem is that the clients don't recognise the new server as
their domain controller. Attempts to log in with a username that is
not already cached on the client returns a "The domain <DOMAIN> is
not
available" error. If I remove the computer from the domain, and then
try reconnect it, it brings up the error saying "A domain controller
for domain <DOMAIN> could not be contacted", and an advanced info
button seems to indicate that I should check that my domain is
registered properly in WINS.
Doing a smbclient -L //<NEWSERVERNAME>/ gives me:
> Domain=[<DOMAIN>] OS=[Unix] Server=[Samba 3.0.25a]
>
> Sharename Type Comment
> --------- ---- -------
> temp Disk
> test Disk
> c Disk
> blah Disk
> stuff Disk
> IPC$ IPC IPC Service (Allstaff Fileserver)
> someuser Disk Home Directories
> Domain=[<DOMAIN>] OS=[Unix] Server=[Samba 3.0.25a]
>
> Server Comment
> --------- -------
> BROTHER-COLOUR
> BROTHER1
> BROTHER2
> <OLDSERVERNAME> Fileserver
> <NEWSERVERNAME> New Fileserver
>
> Workgroup Master
> --------- -------
> <DOMAIN> <OLDSERVERNAME>
(I've changed the names here to protect the innocent, but I think I've
kept it unambiguous).
If I log onto the clients, (using a username whose password is cached
by the client) I notice that the environment variable LOGONSERVER is
still set to the name of the old server. That may just be part of the
caching, however - I'm not sure.
Any ideas on what I should do? Do I need to change the sambaSID entry
in the sambaDomainName=<DOMAIN>,<LDAPBASE> entry of my ldap server?
Included here is a copy of my smb.conf, if that helps.
> [global]
> workgroup = <DOMAIN>
> realm = <DOMAIN>
> server string = Fileserver
> map to guest = Bad User
> # smb passwd file = /etc/samba/private/smbpasswd
> passdb backend = ldapsam:ldap://ldap.dns.domain/
> socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
> logon script = logon.cmd
> logon path = \\%N\profiles\%U
> logon drive = H:
> logon home = \\fileserver\%U
> domain logons = Yes
> os level = 255
> preferred master = Yes
> domain master = Yes
> dns proxy = No
> wins support = Yes
> ldap admin dn = cn=IT_Administrator,<LDAP SUFFIX>
> ldap group suffix = ou=Group
> ldap idmap suffix = ou=Idmap
> ldap machine suffix = ou=Computers,ou=Users
> ldap suffix = <LDAP SUFFIX>
> #ldap ssl = start tls
> ldap user suffix = ou=People,ou=Users
> template homedir = /dev/null
> nt acl support = Yes
> ea support = Yes
> map acl inherit = Yes
> print command = /usr/bin/lp -d '%p' %s; rm %s
> lpq command = /usr/bin/lpstat -o '%p'
> lprm command = /usr/bin/cancel '%p-%j'
> lppause command = lp -i '%p-%j' -H hold
> lpresume command = lp -i '%p-%j' -H resume
> queuepause command = /usr/bin/disable '%p'
> queueresume command = /usr/bin/enable '%p'
> hide files = /thumbs.db/Thumbs.db/
Thanks in advance.
--
Matt Skerritt
matt.skerritt@agrav.net