LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices


Reply
  Search this Thread
Old 03-23-2005, 04:21 AM   #1
kep1997
LQ Newbie
 
Registered: Dec 2004
Posts: 5

Rep: Reputation: 0
cant connect to PDC Samba-W2k LDAP - connect_to_domain_password_server


got a server that has suddenly lost its trust relationship with pdc.

The smb.conf file on the rogue machine looks like:

passdb backend = ldapsam:ldap://pdc

ldap user suffix = ou=Users,dc=network,dc=och

ldap suffix = dc=medphy,dc=och
ldap admin dn = "cn=Manager,dc=network,dc=och"
ldap user suffix = ou=Users
ldap group suffix = ou=Groups
ldap machine suffix = ou=Computers
ldap suffix = dc=network,dc=och

tailing the logs on the rogue machine gives:
Mar 23 09:55:51 rogue smbd[18717]: [2005/03/23 09:55:51, 0] auth/auth_domain.c:domain_client_validate(170)
Mar 23 09:55:51 rogue smbd[18717]: domain_client_validate: Domain password server not available.
Mar 23 09:55:58 rogue smbd[18717]: [2005/03/23 09:55:58, 0] auth/auth_domain.c:connect_to_domain_password_server(118)
Mar 23 09:55:58 rogue smbd[18717]: connect_to_domain_password_server: unable to setup the NETLOGON credentials to machine PDC. Error was : NT_STATUS_ACCESS_DENIED.

I have checked to ensure that there is only one entry in the passwd file with the id that the rogue machine has, and that the name doesn't appear twice either.

my smb.conf file also says that "If the "ldap admin dn" values
change, this password will need to be reset." - but this doesn't look to be the case.

Anybody got any ideas on how to sort this? I dont know much about LDAP - my boss set it up and he is on holiday! Any help or suggestions would be ever so greatly appreciated!
 
Old 03-23-2005, 09:12 PM   #2
cylix
Member
 
Registered: Dec 2004
Location: Ohio
Distribution: Fedora Core 3
Posts: 125

Rep: Reputation: 15
smbpasswd -w mysecretpwd

Where my secret password is your ldap pass.

Now, if I remember this will create additional entries, so you may want to backup your /etc/samba/secrets.tdb and then clear it before updating the pass.

if you net getlocalsid
it should attempt to contact the ldap backend... might fall back and show its sid. If it gives a different one even after establishing contact you may want to update the sid entry on your ldap backend.

Unfortunately, I haven't set up trust accounts (which I think that's what you are refering too... unless you are just talking about your samba ldap pass)

samba.idealx.org has some good info (select the howto on the right) and of course samba.org has a wealth of information which looks like its getting an update as of late.
 
Old 03-24-2005, 02:47 AM   #3
kep1997
LQ Newbie
 
Registered: Dec 2004
Posts: 5

Original Poster
Rep: Reputation: 0
Thanks for your help!

In the end I ended up killing samba and doing a net join then restarting samba and hey presto is worked.

Next time I will follow the advice at the end of your posts - dont look too deep into a problem.

Thanks again
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
ldap + samba PDC shane200_ Linux - Networking 0 08-31-2005 01:23 PM
Samba + LDAP PDC help!!!!!!!!!! shane200_ SUSE / openSUSE 1 08-14-2005 09:10 AM
Creating a Samba PDC/W2k Network ndonato Linux - Software 2 05-06-2005 06:41 PM
samba 3.0.2 as PDC of W2K clients (mandrake 10.0) giorgiotheone Linux - Networking 0 04-06-2004 04:51 PM
Samba PDC and W2k jongun78 Linux - Networking 1 03-05-2004 01:17 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Networking

All times are GMT -5. The time now is 07:59 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration