On Wednesday 18 June 2008, John Drescher wrote: > > We have a domain with more than 100 users and we need to replace our PDC. > > The PDC main function is to authenticate our users to connect to the > > shared drive and to authenticate computer login. The PDC is running > > samba with openldap on Gentoo machine. I have two BDCs with ACL set to > > read and write only. It was set that way to make the syncing process > > easier. The syncing process is like a chain using slurpd. We plan to > > use "syncrepl" later. > > > > What is the best way to do to replace the PDC? I already have a Gentoo > > machine up and running. I copied over all the samba and openldap files > > from the old PDC to this new machine. I also exported the database by > > running the "slapcat -l" command. I am hesitant to start the slapd, > > slurpd and samba service as I am not so sure if I am doing the right > > thing. > > Disconnect the network cable on the new machine to make sure you are > not interfering with the rest of the network. > Start slapd then use slapadd to add your ldap to the database. Use > slapcat to verify that all was added and the ldif looks correct. Then > start samba and see if the smbclient can connect to itself. > > Is the old machine the same name as the new? How about the ipddress? > Are you using wins, lmhosts or dns for your clinets to find the pdc? > > BTW, I have to cut this a lot shorter than I want but I am very busy > at the day job and if I do not get my tasks done several new users > will not have a pc on Monday. > > John
I'll add my two cents. I recently did this, except we aren't using ldap. Didn't see the advantage. It was a new box with a different IP address. Long story short: All but 2 XP SP2 refused to join the new domain. Told me Logon failure: unknown user name or bad password. The Win2K and XP SP1 machines did not have a problem, and the log files show root authenticated successfully, so it looks like XP SP2 is the problem, but I have no idea why 2 joined when all the rest didn't. Still haven't found the reason or fix and most machines are workgroup members now...Good luck, hopefully you won't need it. -- Fail to learn history-repeat it. Fail to learn rights-lose them. Learn both-get screwed by previous two groups. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba