Hi every body,
As you may have guessed, I've got a problem ;)
What I had :
- A PDC Server (Windows NT 4 SP 6a), called SERVER1, for the domain TEST
- A BDC Server (Windows NT 4 SP 6a), called SERVER2, for the domain TEST
Everything was working fine.
Now I switched my NT PDC to a Samba PDC, and I make SERVER1 a BDC for the domain.
Until now, no problem. I use samba 3.0.4, connected to OpenLDAP thanks to the ldapsam
method.
However, after promoting Samba to be the PDC, it seems that none of the two BDC
(SERVER1 and SERVER2) can synchronize SAM, LSA and BUILTIN databases from SAMBA.
So I can logon with any user/password that existed before the migration, but cannot
add any new account on the SAMBA/LDA Server. I've got a password error when trying to
log in.
On both servers, I have the following error :
Event ID 5718
The full synchronization replication of the LSA database from the primary domain
controller servername failed with the following error: Procedure number out of range.
I've successfully tried to establishe a secure channel from the BDC, with the
netdomain command
NETDOM BDC SERVER1 /SYNC
However, trying to force a synchronization returns :
C:\ntreskit>nltest /BDC_QUERY:TEST
Server : \\SERVER1
SyncState : REPLICATION_IN_PROGRESS
ConnectionState : Status = 1745 0x6d1 RPC_S_PROCNUM_OUT_OF_RANGE
The command completed successfully
The error message here corresponds to the message of the event viewer.
Have anyone of you seem anything like that before ?
I've search both the microsoft support site and the samba mailing list archive, but
without success.
Many thanks for your help.
Julien
Here is my smb.conf :
[Global]
workgroup = TEST
netbios name = SAMBA
server string = SAMBA-LDAP
username map = /etc/samba/smbusers
encrypt passwords = yes
interfaces = 172.16.0.115/16
domain logons = Yes
os level = 65
domain master = Yes
local master = No
security = user
wins support = Yes
passdb backend = ldapsam:ldap://localhost
ldap admin dn = "cn=samba,ou=DSA,dc=testdomain,dc=fr"
ldap ssl = off
ldap delete dn = yes
ldap user suffix = ou=Utilisateurs
ldap group suffix = ou=Groupes
ldap machine suffix = ou=Machines
ldap suffix = dc=testdomain,dc=fr
ldap idmap suffix = ou=Users
ldap passwd sync = yes
Dos charset = 850
Unix charset = ISO8859-1
log level = 99
log file = /var/log/samba/%m.log
max log size = 100000
time server = Yes
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
logon script = logon.bat
logon drive = H:
logon home =
logon path =
add machine script = /usr/local/sbin/smbldap-useradd -w "%u"
add user script = /usr/local/sbin/smbldap-useradd -m "%u"
add group script = /usr/local/sbin/smbldap-groupadd -p "%g"
add user to group script = /usr/local/sbin/smbldap-groupmod -m "%u" "%g"
delete user from group script = /usr/local/sbin/smbldap-groupmod -x "%u" "%g"
set primary group script = /usr/local/sbin/smbldap-usermod -g "%g" "%u"
[homes]
comment = RÃpertoires utilisateurs
valid users = %U
read only = No
create mask = 0664
directory mask = 0775
browseable = No
[netlogon]
path = /var/lib/samba/netlogon
browseable = No
read only = Yes
--
To unsubscribe from this list go to the following URL and read the
instructions: http://lists.samba.org/mailman/listinfo/samba
