mallapadi niranjan wrote:
Hi Craig
Thanks for replying, The samba PDC gets rebooted because of Power
outage, at night times.
After the system gets rebooted,
Scenario -01
1. Either some times the ldap gets hanged, (2.2.13) may be because of
inconsistency.
2. since ldap hangs, samba doesn't come up properly.
3. so i run db_recover and try to start the ldap service and then samba
Scenario-02
if LDAP doesn't hang, and samba comes up nicely, the computer had to
rejoin.
but in my ldapdatabase, in OU=Computers, all the computer accounts
exist. with
rid and Object class intact.
but some how i don't know why i have to rejoin,
Okay I just want to clarify this. After an unplanned reboot (power
outage) , your PDC comes back up and you find that some of the computers
in your domain need to rejoin the domain?? Do you have recent ldiff or
slapcats indicating that most of these computers have the same
properties in the LDAP database as before.
Scenario-03.
I take the regular backup of LDAP, to LDIF file, and restore with
latest LDIF file,
eventhough i don't get the Computer Accounts and also i lose user 's
passwords,
After restoring from LDIF file.
Scenario-04
If i do safe reboot or shutdown, there 's no problem , the server
works properly without any
problem
Regards
Niranjan
On 2/20/06, *Craig White* <[EMAIL PROTECTED]
<mailto:[EMAIL PROTECTED]>> wrote:
On Mon, 2006-02-20 at 11:55 +0530, mallapadi niranjan wrote:
> Hi all
>
>
> I too have the same problem , i am also using samba 3.0.21 with
> openldap version 2.2.13 on Redhat Enterprise Linux 4 enterprise
> server.
> if the samba PDC gets rebooted aburuptly, some of my clients
> workstations (Windows 2000 professional) have to rejoin.
> i was asked to check whether RID of the computer name is
correct(uid*2
> + 1000) , ans whether
> computer names have SambaSAMAccount object class.
> eventhough my computernames' exist in the database with correct
object
> class and rid, the clients
> have to be rejoined. this happens only when samba PDC with ldap
gets
> rebooted abruptly.
> having said that, so i assume that LDAP is unable to maintain
> consistency when it gets rebooted.
>
> so i had kept DB_CONFIG file in /var/lib/ldap(this is where all bdb
> files are there) and use db_recover
> in case of any crash of ldap.
>
> But if we take backup in LDIF file and restore it, but still my
> computer accounts are not getting back, i had to rejoin.
>
> this is the problem that i am having, but still could not find the
> correct solution.
----
No - as you and he describe it, these are separate problems.
Your issues is that PDC shouldn't get rebooted abruptly and newer
versions of openldap have a script that automatically runs db_recover.
This however doesn't come in the version of openldap that ships with
RHEL
You might want to set up a cron script that performs a slapcat on
a more
frequent basis so that if it is necessary to dump the entire LDAP DSA
and reload from an ldif, the ldif is much more current and thus, you
wouldn't have to rejoin many if any computers to the domain.
Craig
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba
