Tomasz Chmielewski wrote:
Scott Mayo wrote:
Tomasz Chmielewski wrote:
Scott Mayo wrote:
I have two servers set up. One will be my PDC (master) and the other
will be my BDC (slave). I have openldap setup and replicating the
data between the two servers.
Everything seems to work fine from the Master, but I have one
problem with the slave. From the slave, I can do an ldapsearch and
everything is fine. But when I do a 'pdbedit -L', I get the following:
Unknown parameter encountered "ldap map suffix"
Ignoring unknown parameter "ldap map suffix"
failed to bind to server with dn="blah,blah" Error: Can't contact
LDAP server (unknown)
smbldap_search_suffix: Problem during the ldap search (unknown)
Timed out
Everything works fine with any ldap command that I enter, so I
assume that it is something to do with Samba. Also, I can log on to
the Master server with a Windows client just fine. If I take the
Master down and then try to log in with my Windows client, it tells
me the domain is not available. I would have thought the BDC would
have taken over. Any ideas what to look at? I can post my conf
files if need be.
It looks like the replication is configured (is it?), but not Samba.
1)
Do you see users added on the PDC also on the BDC?
Use "getent passwd" for that.
Yes, that works.
2)
Did you do "testparm"?
It will check your smb.conf for errors.
Yes, everything seems to be all right there.
Well, that contradicts what you said before:
Unknown parameter encountered "ldap map suffix"
Ignoring unknown parameter "ldap map suffix"
I might have fixed something since then, but I thought it did not give
any errors the first time. Not getting that error anymore now though
since I changed a setting.
3)
BDC would take over domain logons (but not domain joins) only if it's
configured properly.
In your case, it looks like it isn't.
Any idea what I need to look at? Strange thing is this:
I have a script that builds my login batch files on the go and saves
them in the netlogon directory. If the PDC is up by itself, then it
works fine. When I bring the BDC up and log in with the client, it
saves the batch file to the BDC's netlogon directory. But if I take
down the PDC then the client cannot log in to the BDC.
I actually got it to where the 'pdbedit -L' works while the Master is
up, but if I take down the master then I get errors.
Well, I'd do some more things.
1) set log level to 3 in smb.conf
2) stop Samba
3) remove logs from /var/log/samba
4) start Samba
5) see the logs if there are any indications about failures in
contacting LDAP?
Actually the BDC says it failed to get ldap server info. Not sure why
since ldapsearch and other things seem to work.
6) see BDC and PDC logs and search who the PDC *really* is (maybe BDC
doesn't know it for some reason)?
How do I do this? I assume from the nmbd.log file, but not sure how to
tell which server won.
7) can you add usernames/workstations from command line on BDC?
smbldap-useradd -w testworkstation
getent passwd
I can, but getent does not pull it up from the slave. It does from the
master after adding it from the slave. I have just found out that
replication only works if I do a One Shot mode of slurpd. That has me
bumfuzzled, so I will see what I can figure out on that.
8) you might also want to stop Samba, remove all *.tdb files, and start
it once again - make a backup of these files, I don't want to break
anything in your setup :)
Don't worry about breaking anything. This is all test. Once I get it
done, I am going to reset it up. :) What was removing the tdb files
supposed to do?
It takes forever to log in when the BDC is actually up.
--
Scott Mayo
Technology Coordinator
Bloomfield Schools
PH: 573-568-5669
FA: 573-568-4565
Pager: 800-264-2535 X2549
Duct tape is like the force, it has a light side and a dark side and it
holds the universe together.