Hello all.
What we have:
samba-3.0.32_1
FreeBSD-6.3
PDC + BDC + LDAP.
All seems work mostly fine, but today I can`t add computer to domain.
Error says what domain not exist or cant be reached (im don`t know how
it says in english windows - im translate from russian)
Im start to read logs and found many errors in differrent logs:
tdb_chainlock_with_timeout_internal: alarm (10) timed out for key DC in
tdb /usr/local/etc/samba/secrets.tdb
log.172.16.1.2: domain_client_validate: unable to validate password for
user ilyin-vy in domain HQ to Domain controller DC. Error was
NT_STATUS_IO_TIMEOUT.
log.172.16.1.2: cli_rpc_pipe_close: cli_close failed on pipe \NETLOGON,
fnum 0x7485 to machine DC. Error was Call timed out: server did not
respond after 10000 milliseconds
repeated million times..
What does it mean?
testparm on PDC:
%testparm
Load smb config files from /usr/local/etc/smb.conf
Processing section "[homes]"
Processing section "[netlogon]"
Processing section "[mail]"
Loaded services file OK.
'winbind separator = +' might cause problems with group membership.
Server role: ROLE_DOMAIN_MEMBER
Press enter to see a dump of your service definitions
[global]
dos charset = cp866
unix charset = koi8-r
display charset = koi8-r
workgroup = HQ
server string = DC Server
security = DOMAIN
passdb backend = ldapsam:ldap://localhost/
log file = /var/log/samba/log.%m
max log size = 500
time server = Yes
add user script = /usr/local/sbin/ldapadduser '%u' users
rename user script = /usr/local/sbin/ldaprenameuser '%uold' '%unew'
delete user script = /usr/local/sbin/ldapdeleteuser '%u'
add group script = /usr/local/sbin/ldapaddgroup '%g'
delete group script = /usr/local/sbin/ldapdeletegroup '%g'
add user to group script = /usr/local/sbin/ldapaddusertogroup
'%u' '%g'
delete user from group script =
/usr/local/sbin/ldapdeleteuserfromgroup '%u' '%g'
set primary group script = /usr/local/sbin/ldapsetprimarygroup
'%u' '%g'
add machine script = /usr/local/sbin/ldapaddmachine '%u' computers
logon path =
os level = 64
preferred master = Yes
domain master = Yes
dns proxy = No
wins support = Yes
ldap admin dn = "cn=root,dc=fxclub,dc=org"
ldap group suffix = ou=Groups
ldap machine suffix = ou=Computers
ldap suffix = ou=Samba,dc=fxclub,dc=org
ldap ssl = no
ldap user suffix = ou=Users
winbind separator = +
winbind use default domain = Yes
admin users = admin
inherit acls = Yes
hosts allow = 172.16.1., 192.168.1., 127.
map acl inherit = Yes
[homes]
comment = Home Directories
valid users = %S
read only = No
browseable = No
[netlogon]
comment = Network Logon Service
path = /var/db/samba/netlogon
guest ok = Yes
browseable = No
share modes = No
[mail]
comment = temp
path = /tmp/mail
read only = No
create mask = 0777
guest ok = Yes
browseable = No
--
Best regards,
Proskurin Kirill
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba
