mallapadi niranjan wrote:
Hi Philip
yes, I have the same properties, (for checking i did the rid*2+1000
and object class test. , but
once the computer are rejoined, it gets new rid, not the rid which is
in the LDIF.
Regards
Niranjan
You might check your MS client event logs for this error.
error 3224
Changing machine account password for account <COMPUTER>$ failed with
the following error:
A remote procedure call (RPC) protocol error occurred.
On 2/21/06, *Philip Washington* <[EMAIL PROTECTED]
<mailto:[EMAIL PROTECTED]>> wrote:
mallapadi niranjan wrote:
> Hi Craig
>
> Thanks for replying, The samba PDC gets rebooted because of Power
> outage, at night times.
> After the system gets rebooted,
> Scenario -01
> 1. Either some times the ldap gets hanged, (2.2.13) may be
because of
> inconsistency.
> 2. since ldap hangs, samba doesn't come up properly.
> 3. so i run db_recover and try to start the ldap service and
then samba
>
> Scenario-02
> if LDAP doesn't hang, and samba comes up nicely, the computer had to
> rejoin.
> but in my ldapdatabase, in OU=Computers, all the computer accounts
> exist. with
> rid and Object class intact.
> but some how i don't know why i have to rejoin,
>
Okay I just want to clarify this. After an unplanned reboot (power
outage) , your PDC comes back up and you find that some of the
computers
in your domain need to rejoin the domain?? Do you have recent
ldiff or
slapcats indicating that most of these computers have the same
properties in the LDAP database as before.
> Scenario-03.
> I take the regular backup of LDAP, to LDIF file, and restore with
> latest LDIF file,
> eventhough i don't get the Computer Accounts and also i lose user 's
> passwords,
> After restoring from LDIF file.
>
> Scenario-04
> If i do safe reboot or shutdown, there 's no problem , the server
> works properly without any
> problem
>
> Regards
> Niranjan
>
>
> On 2/20/06, *Craig White* <[EMAIL PROTECTED]
<mailto:[EMAIL PROTECTED]>
> <mailto: [EMAIL PROTECTED]
<mailto:[EMAIL PROTECTED]>>> wrote:
>
> On Mon, 2006-02-20 at 11:55 +0530, mallapadi niranjan wrote:
> > Hi all
> >
> >
> > I too have the same problem , i am also using samba 3.0.21
with
> > openldap version 2.2.13 on Redhat Enterprise Linux 4
enterprise
> > server.
> > if the samba PDC gets rebooted aburuptly, some of my clients
> > workstations (Windows 2000 professional) have to rejoin.
> > i was asked to check whether RID of the computer name is
> correct(uid*2
> > + 1000) , ans whether
> > computer names have SambaSAMAccount object class.
> > eventhough my computernames' exist in the database with
correct
> object
> > class and rid, the clients
> > have to be rejoined. this happens only when samba PDC with
ldap
> gets
> > rebooted abruptly.
> > having said that, so i assume that LDAP is unable to maintain
> > consistency when it gets rebooted.
> >
> > so i had kept DB_CONFIG file in /var/lib/ldap(this is
where all bdb
> > files are there) and use db_recover
> > in case of any crash of ldap.
> >
> > But if we take backup in LDIF file and restore it, but
still my
> > computer accounts are not getting back, i had to rejoin.
> >
> > this is the problem that i am having, but still could not
find the
> > correct solution.
> ----
> No - as you and he describe it, these are separate problems.
>
> Your issues is that PDC shouldn't get rebooted abruptly and
newer
> versions of openldap have a script that automatically runs
db_recover.
> This however doesn't come in the version of openldap that
ships with
> RHEL
>
> You might want to set up a cron script that performs a
slapcat on
> a more
> frequent basis so that if it is necessary to dump the entire
LDAP DSA
> and reload from an ldif, the ldif is much more current and
thus, you
> wouldn't have to rejoin many if any computers to the domain.
>
> Craig
>
>
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba
