[Samba] Backup Domain not working - Samba

This is a discussion on [Samba] Backup Domain not working - Samba ; I recently set up a backup domain controller using Samba 3.0.23. I have a Samba PDC already running, and all is working fine, but once I added the BDC, now when people log in to their windows account, their home ...

+ Reply to Thread
Results 1 to 3 of 3

Thread: [Samba] Backup Domain not working

  1. [Samba] Backup Domain not working

    I recently set up a backup domain controller using Samba 3.0.23. I have
    a Samba PDC already running, and all is working fine, but once I added
    the BDC, now when people log in to their windows account, their home
    directory is now being mapped to their home on the BDC (which is empty)
    instead of the PDC. Conf files from each below:

    PDC Samba Conf:
    [global]
    unix charset = LOCALE
    workgroup = mydomain
    netbios name = PDC
    server string = Domain Controller running %v
    interfaces = eth1, lo
    bind interfaces only = yes
    os level = 255
    preferred master = yes
    local master = yes
    domain master = yes
    security = user
    time server = yes
    username map = /etc/samba/smbusers
    wins support = yes
    encrypt passwords = yes
    pam password change = yes
    name resolve order = wins bcast hosts
    winbind nested groups = no
    passdb backend = ldapsam:"ldap://127.0.0.1 ldap://BDC"
    ldap passwd sync = Yes
    ldap suffix = dc=mydomain,dc=com
    ldap admin dn = cn=Manager,dc=mydomain,dc=com
    ldap ssl = no
    ldap group suffix = ou=Groups
    ldap user suffix = ou=People
    ldap machine suffix = ou=People
    ldap idmap suffix = ou=Idmap
    idmap backend = ldap:ldap://127.0.0.1/
    idmap uid = 10000-20000
    idmap gid = 10000-20000
    map acl inherit = yes
    add user script = /etc/smbldap-tools/smbldap-useradd -m "%u"
    #delete user script = /etc/smbldap-tools/smbldap-userdel "%u"
    add machine script = /etc/smbldap-tools/smbldap-useradd -w "%u"
    add group script = /etc/smbldap-tools/smbldap-groupadd -p "%g"
    #delete group script = /etc/smbldap-tools/smbldap-groupdel "%g"
    add user to group script = /etc/smbldap-tools/smbldap-groupmod -m
    "%u" "%g"
    delete user from group script =
    /etc/smbldap-tools/smbldap-groupmod -x "%u" "%g"
    set primary group script = /etc/smbldap-tools/smbldap-usermod -g
    "%g" "%u"
    domain logons = yes
    log file = /var/log/samba/log.%m
    log level = 1
    syslog = 0
    max log size = 50
    #smb ports = 139 445
    smb ports = 139
    hosts allow = 127.0.0.1 172.16.0.0/255.255.0.0
    # User profiles and home directories
    logon drive = U:
    logon path = \\%L\profiles\%U
    logon script = %U.bat
    large readwrite = no
    read raw = no
    write raw = no
    printcap name = /etc/printcap
    load printers = no
    printing =
    template shell = /bin/false
    winbind use default domain = no

    BDC Samba Conf.
    [global]
    unix charset = LOCALE
    workgroup = mydomain
    server string = Backup Domain Controller
    security = domain
    username map = /etc/samba/smbusers
    log level = 1
    syslog = 0
    log file = /var/log/samba/%m.log
    max log size = 50
    smb ports = 139
    name resolve order = wins bcast hosts
    wins server = 172.16.24.7
    ldap suffix = dc=mydomain,dc=com
    ldap machine suffix = ou=People
    ldap user suffix = ou=People
    ldap group suffix = ou=Groups
    ldap idmap suffix = ou=Idmap
    ldap admin dn = cn=Manager,dc=mydomain,dc=com
    idmap backend = ldap:ldap://PDC
    idmap uid = 10000-20000
    idmap gid = 10000-20000
    winbind trusted domains only = yes
    password server = 172.16.24.7
    template shell = /bin/false
    domain master = no
    local master = no
    os level = 0
    preferred master = no
    winbind use default domain = no
    veto oplock files = /*.mbd/
    large readwrite = no
    read raw = no
    write raw = no printcap name = /etc/printcap
    load printers = no
    printing =

    --

    *Jason Baker
    */IT Coordinator/


    *Glastender Inc.*
    5400 North Michigan Road
    Saginaw, Michigan 48604 USA
    800.748.0423
    Phone: 989.752.4275 ext. 228
    Fax: 989.752.4444
    www.glastender.com

    -----BEGIN GEEK CODE BLOCK-----
    Version: 3.1
    GIT$ d- s: a C++$ LU+++$ P+ L++>L++++ !E--- W+++ N o? K?
    w !O M !V PS PE++ Y? PGP- t 5? X+ R+ tv+ b- DI-- D++ G e+ h---
    r+++ y+++
    ------END GEEK CODE BLOCK------

    --
    To unsubscribe from this list go to the following URL and read the
    instructions: https://lists.samba.org/mailman/listinfo/samba

  2. Re: [Samba] Backup Domain not working

    I suspect you need to specify the logon home with actual server name
    (PDC). Otherwise it defaults to the server you logged onto - in this
    case your BDC.

    Jason Baker wrote:
    > I recently set up a backup domain controller using Samba 3.0.23. I
    > have a Samba PDC already running, and all is working fine, but once I
    > added the BDC, now when people log in to their windows account, their
    > home directory is now being mapped to their home on the BDC (which is
    > empty) instead of the PDC. Conf files from each below:
    >
    > PDC Samba Conf:
    > [global]
    > unix charset = LOCALE
    > workgroup = mydomain
    > netbios name = PDC
    > server string = Domain Controller running %v
    > interfaces = eth1, lo
    > bind interfaces only = yes
    > os level = 255
    > preferred master = yes
    > local master = yes
    > domain master = yes
    > security = user
    > time server = yes
    > username map = /etc/samba/smbusers
    > wins support = yes
    > encrypt passwords = yes
    > pam password change = yes
    > name resolve order = wins bcast hosts
    > winbind nested groups = no
    > passdb backend = ldapsam:"ldap://127.0.0.1 ldap://BDC"
    > ldap passwd sync = Yes
    > ldap suffix = dc=mydomain,dc=com
    > ldap admin dn = cn=Manager,dc=mydomain,dc=com
    > ldap ssl = no
    > ldap group suffix = ou=Groups
    > ldap user suffix = ou=People
    > ldap machine suffix = ou=People
    > ldap idmap suffix = ou=Idmap
    > idmap backend = ldap:ldap://127.0.0.1/
    > idmap uid = 10000-20000
    > idmap gid = 10000-20000
    > map acl inherit = yes
    > add user script = /etc/smbldap-tools/smbldap-useradd -m "%u"
    > #delete user script = /etc/smbldap-tools/smbldap-userdel "%u"
    > add machine script = /etc/smbldap-tools/smbldap-useradd -w "%u"
    > add group script = /etc/smbldap-tools/smbldap-groupadd -p "%g"
    > #delete group script = /etc/smbldap-tools/smbldap-groupdel "%g"
    > add user to group script = /etc/smbldap-tools/smbldap-groupmod
    > -m "%u" "%g"
    > delete user from group script =
    > /etc/smbldap-tools/smbldap-groupmod -x "%u" "%g"
    > set primary group script = /etc/smbldap-tools/smbldap-usermod -g
    > "%g" "%u"
    > domain logons = yes
    > log file = /var/log/samba/log.%m
    > log level = 1
    > syslog = 0
    > max log size = 50
    > #smb ports = 139 445
    > smb ports = 139
    > hosts allow = 127.0.0.1 172.16.0.0/255.255.0.0
    > # User profiles and home directories
    > logon drive = U:
    > logon path = \\%L\profiles\%U
    > logon script = %U.bat
    > large readwrite = no
    > read raw = no
    > write raw = no
    > printcap name = /etc/printcap
    > load printers = no
    > printing =
    > template shell = /bin/false
    > winbind use default domain = no
    >
    > BDC Samba Conf.
    > [global]
    > unix charset = LOCALE
    > workgroup = mydomain
    > server string = Backup Domain Controller
    > security = domain
    > username map = /etc/samba/smbusers
    > log level = 1
    > syslog = 0
    > log file = /var/log/samba/%m.log
    > max log size = 50
    > smb ports = 139
    > name resolve order = wins bcast hosts
    > wins server = 172.16.24.7
    > ldap suffix = dc=mydomain,dc=com
    > ldap machine suffix = ou=People
    > ldap user suffix = ou=People
    > ldap group suffix = ou=Groups
    > ldap idmap suffix = ou=Idmap
    > ldap admin dn = cn=Manager,dc=mydomain,dc=com
    > idmap backend = ldap:ldap://PDC
    > idmap uid = 10000-20000
    > idmap gid = 10000-20000
    > winbind trusted domains only = yes
    > password server = 172.16.24.7
    > template shell = /bin/false
    > domain master = no
    > local master = no
    > os level = 0
    > preferred master = no
    > winbind use default domain = no
    > veto oplock files = /*.mbd/
    > large readwrite = no
    > read raw = no
    > write raw = no printcap name = /etc/printcap
    > load printers = no
    > printing =
    >


    --
    To unsubscribe from this list go to the following URL and read the
    instructions: https://lists.samba.org/mailman/listinfo/samba

  3. Re: [Samba] Backup Domain not working

    That makes sense. I will try that and report back.

    *Jason Baker
    */IT Coordinator/


    *Glastender Inc.*
    5400 North Michigan Road
    Saginaw, Michigan 48604 USA
    800.748.0423
    Phone: 989.752.4275 ext. 228
    Fax: 989.752.4444
    www.glastender.com

    -----BEGIN GEEK CODE BLOCK-----
    Version: 3.1
    GIT$ d- s: a C++$ LU+++$ P+ L++>L++++ !E--- W+++ N o? K?
    w !O M !V PS PE++ Y? PGP- t 5? X+ R+ tv+ b- DI-- D++ G e+ h---
    r+++ y+++
    ------END GEEK CODE BLOCK------



    Gary Dale wrote:
    > I suspect you need to specify the logon home with actual server name
    > (PDC). Otherwise it defaults to the server you logged onto - in this
    > case your BDC.
    >
    > Jason Baker wrote:
    >> I recently set up a backup domain controller using Samba 3.0.23. I
    >> have a Samba PDC already running, and all is working fine, but once I
    >> added the BDC, now when people log in to their windows account, their
    >> home directory is now being mapped to their home on the BDC (which is
    >> empty) instead of the PDC. Conf files from each below:
    >>
    >> PDC Samba Conf:
    >> [global]
    >> unix charset = LOCALE
    >> workgroup = mydomain
    >> netbios name = PDC
    >> server string = Domain Controller running %v
    >> interfaces = eth1, lo
    >> bind interfaces only = yes
    >> os level = 255
    >> preferred master = yes
    >> local master = yes
    >> domain master = yes
    >> security = user
    >> time server = yes
    >> username map = /etc/samba/smbusers
    >> wins support = yes
    >> encrypt passwords = yes
    >> pam password change = yes
    >> name resolve order = wins bcast hosts
    >> winbind nested groups = no
    >> passdb backend = ldapsam:"ldap://127.0.0.1 ldap://BDC"
    >> ldap passwd sync = Yes
    >> ldap suffix = dc=mydomain,dc=com
    >> ldap admin dn = cn=Manager,dc=mydomain,dc=com
    >> ldap ssl = no
    >> ldap group suffix = ou=Groups
    >> ldap user suffix = ou=People
    >> ldap machine suffix = ou=People
    >> ldap idmap suffix = ou=Idmap
    >> idmap backend = ldap:ldap://127.0.0.1/
    >> idmap uid = 10000-20000
    >> idmap gid = 10000-20000
    >> map acl inherit = yes
    >> add user script = /etc/smbldap-tools/smbldap-useradd -m "%u"
    >> #delete user script = /etc/smbldap-tools/smbldap-userdel "%u"
    >> add machine script = /etc/smbldap-tools/smbldap-useradd -w "%u"
    >> add group script = /etc/smbldap-tools/smbldap-groupadd -p "%g"
    >> #delete group script = /etc/smbldap-tools/smbldap-groupdel "%g"
    >> add user to group script = /etc/smbldap-tools/smbldap-groupmod
    >> -m "%u" "%g"
    >> delete user from group script =
    >> /etc/smbldap-tools/smbldap-groupmod -x "%u" "%g"
    >> set primary group script = /etc/smbldap-tools/smbldap-usermod
    >> -g "%g" "%u"
    >> domain logons = yes
    >> log file = /var/log/samba/log.%m
    >> log level = 1
    >> syslog = 0
    >> max log size = 50
    >> #smb ports = 139 445
    >> smb ports = 139
    >> hosts allow = 127.0.0.1 172.16.0.0/255.255.0.0
    >> # User profiles and home directories
    >> logon drive = U:
    >> logon path = \\%L\profiles\%U
    >> logon script = %U.bat
    >> large readwrite = no
    >> read raw = no
    >> write raw = no
    >> printcap name = /etc/printcap
    >> load printers = no
    >> printing =
    >> template shell = /bin/false
    >> winbind use default domain = no
    >>
    >> BDC Samba Conf.
    >> [global]
    >> unix charset = LOCALE
    >> workgroup = mydomain
    >> server string = Backup Domain Controller
    >> security = domain
    >> username map = /etc/samba/smbusers
    >> log level = 1
    >> syslog = 0
    >> log file = /var/log/samba/%m.log
    >> max log size = 50
    >> smb ports = 139
    >> name resolve order = wins bcast hosts
    >> wins server = 172.16.24.7
    >> ldap suffix = dc=mydomain,dc=com
    >> ldap machine suffix = ou=People
    >> ldap user suffix = ou=People
    >> ldap group suffix = ou=Groups
    >> ldap idmap suffix = ou=Idmap
    >> ldap admin dn = cn=Manager,dc=mydomain,dc=com
    >> idmap backend = ldap:ldap://PDC
    >> idmap uid = 10000-20000
    >> idmap gid = 10000-20000
    >> winbind trusted domains only = yes
    >> password server = 172.16.24.7
    >> template shell = /bin/false
    >> domain master = no
    >> local master = no
    >> os level = 0
    >> preferred master = no
    >> winbind use default domain = no
    >> veto oplock files = /*.mbd/
    >> large readwrite = no
    >> read raw = no
    >> write raw = no printcap name = /etc/printcap
    >> load printers = no
    >> printing =
    >>

    >

    --
    To unsubscribe from this list go to the following URL and read the
    instructions: https://lists.samba.org/mailman/listinfo/samba

+ Reply to Thread