Chris Richardson
2012-Oct-28 19:55 UTC
[Samba] Snow Leopard server as PDC: problems binding linux machines
First of all, apologies for our hilarious system architecture. It's this way for historical reasons. I had a setup that worked; I now have a setup that doesn't work and I'm trying to work out why. The setup that worked: OS X Tiger (10.4) Server as PDC. Linux servers (a variety of flavours, from Ubuntu 8.04 LTS to SLES 11 SP2) getting user information from the server by LDAP and using SMB to export file shares, handing authentication requests back to the OS X machine by tbdsam. What broke it: Updating the OS X machine to Snow Leopard Server. What broke: the older (Samba version 3.0.28) linux boxes can still bind to the PDC and hand mount requests ok. The newer machines (3.6.3) can't bind to the PDC and can't authenticate mount requests. On a new machine, if I try to bind I get: net rpc bind -U <PDC directory admin> -S <server> error setting trust account password: NT_STATUS_ACCESS_DENIED Unable to join domain CSB. My guess is that somewhere between 3.0.28 and 3.6.3 the way samba servers bind to the PDC has changed and one or both ends of the relationship is making a hilarious mess of the way trust accounts are set up. Before I start pasting lots of errors into an email and making it unreadable, does anyone have an OS X 10.6 machine as a PDC? Or does anyone have any ideas why an older linux machine can bind and pass on authentication requests but a newer one can't? Regards, Chris The Institute of Cancer Research: Royal Cancer Hospital, a charitable Company Limited by Guarantee, Registered in England under Company No. 534147 with its Registered Office at 123 Old Brompton Road, London SW7 3RP. This e-mail message is confidential and for use by the addressee only. If the message is received by anyone other than the addressee, please return the message to the sender by replying to it and then delete the message from your computer and network.