I have a file /var/samba/locks/browse.dat. Browsing does not require wins
so I suspect that deleting the wins cache was not sufficient.
What is the output of "hosted" on the servers? I am guessing that
408c9b2b
and 40899b2b are the host id's of your two servers.
When you login to a domain from a Windows PC, it should authenticate (all
things being equal) to a BDC. (nbtstat -c should show you which is the
controller and browser ip's.) But I am pretty sure when you change
password it has to pass the request to the PDC. So it seems like the BDC
can't find the PDC?
Do you have password sync enabled? That sometimes causes problems- makes it
appear that windows pw changing is broken with it is actually a problem with
the password sync.
Can you shutdown the BDC temporarily, restart a windows client, use
"nbtstat
-c" or "dcdiag" to verify the DC, and see it password changes
work?
-----Original Message-----
From: samba-bounces at lists.samba.org [mailto:samba-bounces at lists.samba.org]
On Behalf Of Donny Brooks
Sent: Monday, November 01, 2010 9:34 AM
To: samba at lists.samba.org
Subject: [Samba] Very odd problem
I had previously tried to migrate our PDC to a new machine by simply
copying the config over and such. That failed miserably but luckily the
various home servers (BDC's in samba speak I think) took up the slack.
So after much debate, this weekend we moved the PDC back to the original
machine. We never moved LDAP off of the original machine, as only samba
functions moved.
I now know I did not move the PDC properly, as I should have set the new
one up as a BDC and then made sure everything was working, then shut
down the PDC and promote the new one to PDC by setting proper settings
in smb.conf. With all that behind me I still face a few issues:
Our users are still unable to do the CTRL+ALT+DEL change password
through windows. This only started occurring after the original move.
Looking through the log.nmbd it appears it couldn't find the master
browser. So after setting the stuff back to the original location and
deleting the wins.tdb and wins.dat files on all the home servers and PDC
I started up the PDC and then the others. I get this on the PDC:
[2010/11/01 08:09:04, 10]
nmbd/nmbd_sendannounce.c:381(announce_myself_to_domain_master_browser)
announce_myself_to_domain_master_browser: t (1288616942) -
last(1288616642) < 900
[2010/11/01 08:09:04, 4] nmbd/nmbd_workgroupdb.c:281(dump_workgroups)
dump_workgroups()
dump workgroup on subnet 10.8.2.3: netmask= 255.255.255.0:
ADMIN(1) current master browser = ROARK
ROARK 408c9b2b (Roark)
ARCHIVES3 40809b1b (ARCHIVES3)
[2010/11/01 08:09:04, 4] nmbd/nmbd_workgroupdb.c:281(dump_workgroups)
dump_workgroups()
dump workgroup on subnet UNICAST_SUBNET: netmask= 10.8.2.3:
WORKGROUP(6) current master browser = TESTPC1
HPSEARCH(5) current master browser = SEARCHROOM1
MYGROUP(4) current master browser = GISDUMP
HPRES(3) current master browser = MSTOLL
HP(2) current master browser = HSMT1
ADMIN(1) current master browser = UNKNOWN
ROARK 40899b2b (Roark)
Roark is our PDC and Archives3 is our main BDC (secondary LDAP too).
Something don't look quite right here since it appears it is trying to
talk to two seperate Roark's.... ROARK 408c9b2b (Roark) first and then
ROARK 40899b2b (Roark) secondly. What could cause this?
I just need to get this working as it was then we can work on getting
the replacement done right. Thanks in advance.
Donny B.
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba