Help answer threads with 0 replies.
Go Back > Forums > Linux Forums > Linux - Networking
User Name
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.


  Search this Thread
Old 07-13-2006, 01:56 PM   #1
Registered: Oct 2004
Distribution: Slackware, CentOS
Posts: 135

Rep: Reputation: 15
Samba PDC+LDAP and home directories on different servers

When I first setup Samba as a PDC, it was on the same box as the NFS server, so there were no problems with posix locking. But now we have our big fileserver which is hosted someplace else, so I didn't move the PDC out with it. The home directories are automounted, and the homedir map is in ldap, along with all the userinfo(Samba+Ldap).

But now that the home directories are nfs mounted on the PDC, posix locking errors happen, and logging in is a bit slow. I found the nis homedir and homedir map options and set them on the PDC. I also setup Samba on the fileserver to work as a domain member(is this good or bad? dont know) I'm able to connect to the fileserver by hand(ie Map a network drive), but when I log in, the PDC still serves the nfs mounted homes. Why is it not going to the fileserver? I though thats what those options do, tell the client machine to do a smb connect to the fileserver for its files.

So whats going on? (Both servers are running the same version of samba 3.0.26) Here is the PDC smb.conf

workgroup = CBI
netbios name = PDC
map to guest = Bad User
encrypt passwords = yes
passdb backend = ldapsam:ldap://
log level = 2
syslog = 0
time server = Yes
deadtime = 10
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
add user script = /usr/sbin/smbldap-useradd -m '%u'
delete user script = /usr/sbin/smbldap-userdel %u
add group script = /usr/sbin/smbldap-groupadd -p '%g'
delete group script = /usr/sbin/smbldap-group-del '%g'
add user to group script = /usr/sbin/smbldap-groupmod -m '%u' '%g'
delete user from group script = /usr/sbin/smbldap-groupmod -x '%u' '%g'
set primary group script = /usr/sbin/smbldap-usermod -g '%g' '%u'
add machine script = /usr/sbin/smbldap-useradd -w '%u'
logon path = \\%L\profiles
logon drive = X:
logon home = \\%L\%U
domain logons = Yes
os level = 64
preferred master = Yes
domain master = Yes
wins support = Yes
ldap admin dn = cn=samba,ou=DSA,dc=xxx,dc=xxx,dc=xxx
ldap group suffix = ou=group
ldap idmap suffix = ou=Idmap
ldap machine suffix = ou=machines
ldap passwd sync = Yes
ldap suffix = dc=cbi,dc=utsa,dc=edu
ldap ssl = start tls
ldap user suffix = ou=people
## printer admin = '@Print, Operators'
printing = cups
create mask = 0640
directory mask = 0750
case sensitive = No
dont descend = /proc,/dev,/etc,/lib,/lost+found,/initrd
nis homedir = yes
homedir map = auto.home

comment = Home Directories
path = %p
valid users = %S
read only = No
directory mask = 0700
locking = No

comment = Network Logon Service
path = /etc/samba/netlogon
guest ok = Yes

path = /home/%u/.profile
valid users = %U, '@Domain, Admins'
force user = %U
read only = No
create mask = 0600
directory mask = 0700
profile acls = Yes
browseable = No
csc policy = disable

And here is the smb.conf on the fileserver

interfaces = ce0
bind interfaces only = yes
encrypt passwords = yes
workgroup = CBI
security = domain
name resolve order = wins bcast host
deadtime = 5
ldap machine suffix = ou=machines
ldap admin dn = cn=samba,ou=DSA,dc=xxx,dc=xxx,dc=xxx
preferred master = no
ldap idmap suffix = ou=Idmap
allow trusted domains = yes
netbios name = cajal
lanman auth = YES
ldap group suffix = ou=group
wins support = no
ldap user suffix = ou=people
ldap suffix = dc=xxx,dc=xxx,dc=xxx
ldap passwd sync = Yes
ldap ssl = start tls
wins server =
max smbd processes = 0
server string = cajal
winbind trusted domains only = Yes
os level = 8
passdb backend = ldapsam:ldap://
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
local master = no
domain master = no
use spnego = yes
ntlm auth = YES
syslog = 0
log level = 0

read only = No
valid users = %S
comment = Home Directories
path = /tray1/home/%u

So any ideas? I guess I can setup the PDC on the fileserver, and make the local server that is on the same subnet as our clients a domain member(I know that will work since I setup a domain member on a gateway that isolates the internal machines), but I see no reason why this shouldn't work.

Thanks before hand to those who help.


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
LDAP and Samba PDC HOWTO matarodi Debian 1 09-18-2005 01:07 PM
ldap + samba PDC shane200_ Linux - Networking 0 08-31-2005 01:23 PM
Samba + LDAP PDC help!!!!!!!!!! shane200_ SUSE / openSUSE 1 08-14-2005 09:10 AM
integration of ldap with samba pdc mnitian Linux - Networking 3 07-26-2004 10:19 AM
Samba PDC Problem or LDAP saavik Linux - Networking 2 05-05-2003 03:58 PM > Forums > Linux Forums > Linux - Networking

All times are GMT -5. The time now is 10:04 PM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration