Hi Josh As you have suggested my Computer Accounts have the following object classes. and RID is also uid*2+1000.
dn: uid=comp07$,ou=Computers,dc=msdpl,dc=com *objectClass: top objectClass: inetOrgPerson objectClass: posixAccount objectClass: sambaSamAccount *cn: comp07$ sn: comp07$ uid: comp07$ uidNumber: *1037 *gidNumber: 515 homeDirectory: /dev/null loginShell: /bin/false description: Computer gecos: Computer sambaSID: S-1-5-21-3963901886-956592875-555457773-*3074* sambaPrimaryGroupSID: S-1-5-21-3963901886-956592875-555457773-515 displayName: comp07$ sambaPwdCanChange: 0 sambaAcctFlags: [W ] The above information is when the computer is joined to the domain and works properly. But when if my pdc gets shut down abruptly , the above information regarding the computer account is same. but the computer gives the error that "the computer name is missing in the domain". I get the following errors 1.) _net_sam_logon: creds_server_setup failed. Rejecting auth request from client comp07 machine 2.) _net_auth2: creds_server_check failed, Rejecting auth request from client comp07 machine account comp07 The error 2 gets repeated whenever the user logon's request from that computer, ie the error 2 repeats always even when the computer is joined to the domain. and working properly. I get the following messges in /var/log/messages, when the PDC is running and all my clients are joined , what does these messages mean, i don't know. 1. smbd. api_samr_set_userinfo: unable to marshall SAMR_Q_SET_USERINFO. 2. getpeername failed. error was transport end pt. is not connected. My samba version is 3.0.21, and smbldap-tools version is 0.9 and slapd version is openldap: slapd 2.2.13 Regards Niranjan On 2/17/06, Josh Kelley <[EMAIL PROTECTED]> wrote: > > On 2/16/06, mallapadi niranjan <[EMAIL PROTECTED]> wrote: > > I have a query, I have a samba 3.0.21 with openldap, all my windows > clients > > are joined to PDC. > > but suddenly now , all my windows clients uanble to login > > but when i do getent passwd on the server , i could see all my computer > > accounts . even > > when i do ldapsearch -x -b "ou=Computers,dc=msdpl,dc=com" , i could see > the > > list of computer account names > > but my windows clients report error message that " the compter name is > > missing from the domain" . > > all the systems had to rejoin to the domain. even having the computer > > account names in the ldap database. > > Check that the computer accounts in LDAP have the appropriate Samba > object class and attributes. (In other words, check that they're not > just POSIX accounts.) > > Check that their RIDs are correct. Under the default setup, I think, > a user account's RID = uid * 2 + 1000. > > Try turning up the log level to see if that gives any more information. > > Josh Kelley > -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba