Re: [Samba] Samba as PDC and BDC on the same network.
Jean-Jacques Moulis a écrit : On Mon, 07 Mar 2005 09:57:47 + Clement DIEBOLD <[EMAIL PROTECTED]> wrote: CD> >CD> Then, if I put : CD> >CD> >> @echo off CD> >CD> >> echo "Script de demarrage" CD> >CD> >> net use T: \\PDC\temp /PERSISTENT:NO CD> >CD> >> CD> >CD> >> Then, if the PDC becomes down, this script wouldn't work and i must CD> >CD> >> be there to change the name of the server in the script. CD> >CD> >> CD> >CD> >> So, what should I do ?? CD> >CD> >> CD> >CD> >> Thanks for the responses. CD> >CD> >> CD> >CD> > Any idea ?? CD> >CD> > CD> >CD> > Thanks CD> >CD> CD> >CD> Nobody :( CD> > CD> > A preexec script on the BDC netlogon share could modify the logon script CD> >according to the availability of the PDC. CD> > CD> > CD> Can you give me an example of the preexec script please? in smb.conf .. [netlogon] . browseable = no public = no root preexec = search_for_life_signs search_for_life_signs: #! /bin/sh if ping PDC > /dev/null 2>&1 ; then cp epitaph_for_the_PDC LOGON.BAT fi Even if you are located at a place with such mournful connotation I don't think your PDC will expire so often. This idea of a preexec script is not that good after all Instead of a preexec script you should run a cron job on the BDC that make the LOGON.BAT change when the PDC is unavailable. You should also have a better check than ping, perhaps something with smbclient. The check should also allow for some transient failures of the PDC. The change should be oneway, I suppose, you probably want to know where the most recent data is. CD> -- CD> Clément DIEBOLD CD> Service Informatique CD> LMARC Université de Franche-Comté CD> 24, chemin de l'Epitaphe CD> 25000 Besançon CD> Tel : 03 81 66 60 53 CD> Fax : 03 81 66 67 00 OK, but know how to change the logon home = \\%L\%U logon path = \\%L\Profiles\%U in my smb.conf when the PDC is down? Thanks for your answers. -- Clément DIEBOLD Service Informatique LMARC Université de Franche-Comté 24, chemin de l'Epitaphe 25000 Besançon Tel : 03 81 66 60 53 Fax : 03 81 66 67 00 -- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re[2]: [Samba] Samba as PDC and BDC on the same network.
On Mon, 07 Mar 2005 08:31:47 + Clement DIEBOLD <[EMAIL PROTECTED]> wrote: CD> Then, if I put : CD> >> @echo off CD> >> echo "Script de demarrage" CD> >> net use T: \\PDC\temp /PERSISTENT:NO CD> >> CD> >> Then, if the PDC becomes down, this script wouldn't work and i must CD> >> be there to change the name of the server in the script. CD> >> CD> >> So, what should I do ?? CD> >> CD> >> Thanks for the responses. CD> >> CD> > Any idea ?? CD> > CD> > Thanks CD> CD> Nobody :( A preexec script on the BDC netlogon share could modify the logon script according to the availability of the PDC. -- Jean-Jacques Moulis Tel: (013) 281684 ISYFax: (013) 139282 Linköping UniversityE-mail: [EMAIL PROTECTED] 581 83 Linköping -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba as PDC and BDC on the same network.
@echo off echo "Script de demarrage" net use T: \\PDC\temp /PERSISTENT:NO Then, if the PDC becomes down, this script wouldn't work and i must be there to change the name of the server in the script. So, what should I do ?? Maybe you could use errorlevel to try your preferred server first? net use T: \\PDC\temp /PERSISTENT:NO if errorlevel 1 net use T: \\%LOGONSERVER%\temp /PERSISTENT:NO -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba as PDC and BDC on the same network.
Clement DIEBOLD a écrit : Clement DIEBOLD a écrit : John H Terpstra a écrit : On Wednesday 02 March 2005 09:10, Clement DIEBOLD wrote: Mccrory, Kevin B a écrit : This is the way it should be working. The BDC handles authentication requests for the domain unless it becomes overloaded at which time the PDC steps in to take over. Refer to Chapter 4 section 4.2 of the Official Samba-3 HOWTO and Reference Guide that explains Domain Control. In fact, the two servers are running : the PDC make the authentification and the BDC make nothing. I shut down the samba PDC, then the BDC make authentification. When the PDC comes back the authentification still made on the BDC. Then if i shut down the BDC, the PDC remake the authentification, but if I restart the samba on BDC, BDC make authentification. Strange, is'nt it?? No, I am glad to see that you find Samba domain control works as it should. It would be strange if it behaved differently. - John T. OK. I have a netlogon script to map networks drives (home and temp) : @echo off echo "Script de demarrage" net use T: %LOGONSERVER%\temp /PERSISTENT:NO If the users are authenticated by the BDC, the share would be mounted on the BDC and not on the PDC. The users data are on the PDC and are replicated after with rsync on the BDC. So the data should be on the PDC. Then, if I put : @echo off echo "Script de demarrage" net use T: \\PDC\temp /PERSISTENT:NO Then, if the PDC becomes down, this script wouldn't work and i must be there to change the name of the server in the script. So, what should I do ?? Thanks for the responses. Any idea ?? Thanks Nobody :( -- Clément DIEBOLD Service Informatique LMARC Université de Franche-Comté 24, chemin de l'Epitaphe 25000 Besançon Tel : 03 81 66 60 53 Fax : 03 81 66 67 00 -- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba as PDC and BDC on the same network.
Clement DIEBOLD a écrit : John H Terpstra a écrit : On Wednesday 02 March 2005 09:10, Clement DIEBOLD wrote: Mccrory, Kevin B a écrit : This is the way it should be working. The BDC handles authentication requests for the domain unless it becomes overloaded at which time the PDC steps in to take over. Refer to Chapter 4 section 4.2 of the Official Samba-3 HOWTO and Reference Guide that explains Domain Control. In fact, the two servers are running : the PDC make the authentification and the BDC make nothing. I shut down the samba PDC, then the BDC make authentification. When the PDC comes back the authentification still made on the BDC. Then if i shut down the BDC, the PDC remake the authentification, but if I restart the samba on BDC, BDC make authentification. Strange, is'nt it?? No, I am glad to see that you find Samba domain control works as it should. It would be strange if it behaved differently. - John T. OK. I have a netlogon script to map networks drives (home and temp) : @echo off echo "Script de demarrage" net use T: %LOGONSERVER%\temp /PERSISTENT:NO If the users are authenticated by the BDC, the share would be mounted on the BDC and not on the PDC. The users data are on the PDC and are replicated after with rsync on the BDC. So the data should be on the PDC. Then, if I put : @echo off echo "Script de demarrage" net use T: \\PDC\temp /PERSISTENT:NO Then, if the PDC becomes down, this script wouldn't work and i must be there to change the name of the server in the script. So, what should I do ?? Thanks for the responses. -- Clément DIEBOLD Service Informatique LMARC Université de Franche-Comté 24, chemin de l'Epitaphe 25000 Besançon Tel : 03 81 66 60 53 Fax : 03 81 66 67 00 -- Any idea ?? Thanks -- Clément DIEBOLD Service Informatique LMARC Université de Franche-Comté 24, chemin de l'Epitaphe 25000 Besançon Tel : 03 81 66 60 53 Fax : 03 81 66 67 00 -- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba as PDC and BDC on the same network.
John H Terpstra a écrit : On Wednesday 02 March 2005 09:10, Clement DIEBOLD wrote: Mccrory, Kevin B a écrit : This is the way it should be working. The BDC handles authentication requests for the domain unless it becomes overloaded at which time the PDC steps in to take over. Refer to Chapter 4 section 4.2 of the Official Samba-3 HOWTO and Reference Guide that explains Domain Control. Kevin B. McCrory Network Engineer - COPS US Government Solutions 13600 EDS Drive Mail stop: A4S-B21 Herndon, VA 20171 * phone: +01-703-733-3255 * mailto:[EMAIL PROTECTED] * AKO mailto:[EMAIL PROTECTED] In fact, the two servers are running : the PDC make the authentification and the BDC make nothing. I shut down the samba PDC, then the BDC make authentification. When the PDC comes back the authentification still made on the BDC. Then if i shut down the BDC, the PDC remake the authentification, but if I restart the samba on BDC, BDC make authentification. Strange, is'nt it?? No, I am glad to see that you find Samba domain control works as it should. It would be strange if it behaved differently. - John T. OK. I have a netlogon script to map networks drives (home and temp) : @echo off echo "Script de demarrage" net use T: %LOGONSERVER%\temp /PERSISTENT:NO If the users are authenticated by the BDC, the share would be mounted on the BDC and not on the PDC. The users data are on the PDC and are replicated after with rsync on the BDC. So the data should be on the PDC. Then, if I put : @echo off echo "Script de demarrage" net use T: \\PDC\temp /PERSISTENT:NO Then, if the PDC becomes down, this script wouldn't work and i must be there to change the name of the server in the script. So, what should I do ?? Thanks for the responses. -- Clément DIEBOLD Service Informatique LMARC Université de Franche-Comté 24, chemin de l'Epitaphe 25000 Besançon Tel : 03 81 66 60 53 Fax : 03 81 66 67 00 -- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba as PDC and BDC on the same network.
On Wednesday 02 March 2005 09:10, Clement DIEBOLD wrote: > Mccrory, Kevin B a écrit : > >This is the way it should be working. The BDC handles authentication > >requests for the domain unless it becomes overloaded at which time the PDC > >steps in to take over. > >Refer to Chapter 4 section 4.2 of the Official Samba-3 HOWTO and Reference > >Guide that explains Domain Control. > > > >Kevin B. McCrory > >Network Engineer - COPS > >US Government Solutions > >13600 EDS Drive > >Mail stop: A4S-B21 > >Herndon, VA 20171 > >* phone: +01-703-733-3255 > >* mailto:[EMAIL PROTECTED] > >* AKO mailto:[EMAIL PROTECTED] > > In fact, the two servers are running : the PDC make the authentification > and the BDC make nothing. > I shut down the samba PDC, then the BDC make authentification. When the > PDC comes back the authentification still made on the BDC. > > Then if i shut down the BDC, the PDC remake the authentification, but if > I restart the samba on BDC, BDC make authentification. > > Strange, is'nt it?? No, I am glad to see that you find Samba domain control works as it should. It would be strange if it behaved differently. - John T. > > Thanks > > -- > Clément DIEBOLD > Service Informatique > LMARC Université de Franche-Comté > 24, chemin de l'Epitaphe > 25000 Besançon > Tel : 03 81 66 60 53 > Fax : 03 81 66 67 00 > -- -- John H Terpstra Samba-Team Member Phone: +1 (650) 580-8668 Author: The Official Samba-3 HOWTO & Reference Guide, ISBN: 0131453556 Samba-3 by Example, ISBN: 0131472216 Hardening Linux, ISBN: 0072254971 Other books in production. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba as PDC and BDC on the same network.
On Wednesday 02 March 2005 06:53, Misty Stanley-Jones wrote: > On Wednesday 02 March 2005 08:14 am, Clement DIEBOLD wrote: > > And the second, the BDC like : > >domain master = no > >prefered master = no > >local master = no > >domain logons = yes > >security = user > > I think this needs to be "security = server" but correct me if I am wrong. > On your BDC do testparm and it will show you the role of the server. No, please do not use "security = server" - Clement's configuration is correct. Server-mode security does pass-through authentication and was introduced before we understood how domain membership fully functions. - John T. -- John H Terpstra Samba-Team Member Phone: +1 (650) 580-8668 Author: The Official Samba-3 HOWTO & Reference Guide, ISBN: 0131453556 Samba-3 by Example, ISBN: 0131472216 Hardening Linux, ISBN: 0072254971 Other books in production. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba as PDC and BDC on the same network.
Mccrory, Kevin B a écrit : This is the way it should be working. The BDC handles authentication requests for the domain unless it becomes overloaded at which time the PDC steps in to take over. Refer to Chapter 4 section 4.2 of the Official Samba-3 HOWTO and Reference Guide that explains Domain Control. Kevin B. McCrory Network Engineer - COPS US Government Solutions 13600 EDS Drive Mail stop: A4S-B21 Herndon, VA 20171 * phone: +01-703-733-3255 * mailto:[EMAIL PROTECTED] * AKO mailto:[EMAIL PROTECTED] In fact, the two servers are running : the PDC make the authentification and the BDC make nothing. I shut down the samba PDC, then the BDC make authentification. When the PDC comes back the authentification still made on the BDC. Then if i shut down the BDC, the PDC remake the authentification, but if I restart the samba on BDC, BDC make authentification. Strange, is'nt it?? Thanks -- Clément DIEBOLD Service Informatique LMARC Université de Franche-Comté 24, chemin de l'Epitaphe 25000 Besançon Tel : 03 81 66 60 53 Fax : 03 81 66 67 00 -- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba as PDC and BDC on the same network.
Misty Stanley-Jones a écrit : On Wednesday 02 March 2005 08:14 am, Clement DIEBOLD wrote: And the second, the BDC like : domain master = no prefered master = no local master = no domain logons = yes security = user I think this needs to be "security = server" but correct me if I am wrong. On your BDC do testparm and it will show you the role of the server. Misty I have run the testparm on both and it indicates : ROLE_DOMAIN_PDC and ROLE_DOMAIN_BDC . I have read that security = server is less secure than security = user or domain. -- Clément DIEBOLD Service Informatique LMARC Université de Franche-Comté 24, chemin de l'Epitaphe 25000 Besançon Tel : 03 81 66 60 53 Fax : 03 81 66 67 00 -- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Samba as PDC and BDC on the same network.
This is the way it should be working. The BDC handles authentication requests for the domain unless it becomes overloaded at which time the PDC steps in to take over. Refer to Chapter 4 section 4.2 of the Official Samba-3 HOWTO and Reference Guide that explains Domain Control. Kevin B. McCrory Network Engineer - COPS US Government Solutions 13600 EDS Drive Mail stop: A4S-B21 Herndon, VA 20171 * phone: +01-703-733-3255 * mailto:[EMAIL PROTECTED] * AKO mailto:[EMAIL PROTECTED] -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Clement DIEBOLD Sent: Wednesday, March 02, 2005 8:14 AM To: samba@lists.samba.org Subject: [Samba] Samba as PDC and BDC on the same network. I have recently configured two servers to be controlers of my domain. The first one is the PDC and is configured like : domain master = yes prefered master = yes local master = yes domain logons = yes security = user os level = 99 And the second, the BDC like : domain master = no prefered master = no local master = no domain logons = yes security = user password server = PDC BDC os level = 40 When the two servers are started, i see in the logs : DOMAIN(1) current master browser = PDC BDC 40009a03 (BDC) PDC 400c9b0b (PDC) but my clients (windows 2000 and XP) are authenticated by the BDC. I don't unterstand why it's working like this !! The PDC becomes the master if I set the domain logons option to no. Thanks. -- Clément DIEBOLD Service Informatique LMARC Université de Franche-Comté 24, chemin de l'Epitaphe 25000 Besançon Tel : 03 81 66 60 53 Fax : 03 81 66 67 00 -- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba as PDC and BDC on the same network.
On Wednesday 02 March 2005 08:14 am, Clement DIEBOLD wrote: > > And the second, the BDC like : >domain master = no >prefered master = no >local master = no >domain logons = yes >security = user I think this needs to be "security = server" but correct me if I am wrong. On your BDC do testparm and it will show you the role of the server. Misty -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Samba as PDC and BDC on the same network.
I have recently configured two servers to be controlers of my domain. The first one is the PDC and is configured like : domain master = yes prefered master = yes local master = yes domain logons = yes security = user os level = 99 And the second, the BDC like : domain master = no prefered master = no local master = no domain logons = yes security = user password server = PDC BDC os level = 40 When the two servers are started, i see in the logs : DOMAIN(1) current master browser = PDC BDC 40009a03 (BDC) PDC 400c9b0b (PDC) but my clients (windows 2000 and XP) are authenticated by the BDC. I don't unterstand why it's working like this !! The PDC becomes the master if I set the domain logons option to no. Thanks. -- Clément DIEBOLD Service Informatique LMARC Université de Franche-Comté 24, chemin de l'Epitaphe 25000 Besançon Tel : 03 81 66 60 53 Fax : 03 81 66 67 00 -- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba