Re: [Samba] Samba+LDAP problem after replacing BDC
- Date: Wed, 22 Aug 2018 15:09:37 +0100
- From: Rowland Penny via samba <samba@xxxxxxxxxxxxxxx>
- Subject: Re: [Samba] Samba+LDAP problem after replacing BDC
On Wed, 22 Aug 2018 15:34:04 +0200
Ludovit Koren <ludovit.koren@xxxxxxxxx> wrote:
From: Ludovit Koren <ludovit.koren@xxxxxxxxx>
To: Rowland Penny via samba <samba@xxxxxxxxxxxxxxx>
Cc: Rowland Penny <rpenny@xxxxxxxxx>
Subject: Re: [Samba] Samba+LDAP problem after replacing BDC
Date: Wed, 22 Aug 2018 15:34:04 +0200
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/27.0.50 (berkeley-unix)
>>>>> Rowland Penny via samba <samba@xxxxxxxxxxxxxxx> writes:
> On Wed, 22 Aug 2018 13:53:23 +0200
> Ludovit Koren via samba <samba@xxxxxxxxxxxxxxx> wrote:
>> I had a working enviroment of one PDC and several BDCs. The PDC is
>> Samba version 3.6.6. After replacing of one BDC, I've started to get
>> the following error in LDAP master server:
>> Aug 22 13:44:59 gw slapd: conn=46129 op=51 do_search:
>> invalid dn (sambaDomainName=Administrator,(null))
>> and on the PDC:
>> root@:~# net getlocalsid
>> smbldap_search_domain_info: Adding domain info for XXX failed
>> with NT_STATUS_UNSUCCESSFUL SID for domain XXX-SERVER is:
>> I cannot add any new computer to the domain. Everything else
>> seems to be working.
>> I did not find any hint to the error. Could you point what the
>> problem could be?
>> Thank you very much in advance.
> Can you post your smb.conf.
> [smb.conf application/octet-stream (13106 bytes)]
There is nothing really wrong there
>> what version of Samba is the new BDC using ?
> /usr/sbin/smbd -V
> Version 4.2.14-Debian
>> From the number of posts we get on PDC problems and tests I
>> have done,
>> I think that the changes required for AD might have broken
>> NT4-style > domains.
>> Irrespective of the above, can I advise you to upgrade to AD,
>> 'might' have broken NT4-style domains by accident, but it looks
>> like > Microsoft is removing connection by design.
Not sure where to go from here, apart from turning up the logs to 10
and seeing if anything pops out.
To unsubscribe from this list go to the following URL and read the