PDA

View Full Version : SLES 11 SP2 computer loses AD membership



scheider
12-Nov-2013, 17:50
Hi there,
It is my first post here, I hope you won't kick me out after reading my post...

I take core for a compute server under SLES 11 in a windows dominated environment. Users have their Win PC and login to that using AD, then open a putty terminal on the server. In order to share the server directories with those PCs, I set up a Samba server using domain security, and the DC admin, who belongs to the IT department, established the membership of the server using the command
net rpc join -U DCadmin -S domaincon1 -n myserver
I could start the respective daemons then, and people saw the server directories in their win explorers.

The problem: After each restart of the domain controller and each restart of my server, the connection is lost, even though there are two domain controllers and they reboot one after the other.
I then have to ask the IT guy again to connect my server to AD, which is not very convenient (it happens at least once per month, at maintenance day). They did it several times, but of course they are not happy with this situation (I am not either).

Any idea, why that is? The password generated using the net command is stored in /etc/samba/secrets.tdb. This file is still there, and I don't touch it.

Any help is highly appreciated.
Yours
Ingo

P.S.: The workaround having a script giving me the right to run the net rpc join command on his/her behalf does not help completely, since the AD password of the adminstrator changes from time to time, and then he/she had to login to my server to change it there as well.


P.P.S. If it helps, here is the [global] section of my smb.conf
[global]
workgroup = WORKGROUP
netbios name = myserver
security = domain
password server = domaincon1 domaincon2
encrypt passwords = Yes
log level = 8
passdb backend = tdbsam
map to guest = Never
include = /etc/samba/dhcp.conf
logon path = \\%L\profiles\.msprofile
logon home = \\%L\%U\.9xprofile
logon drive = P:
usershare allow guests = No
usershare owner only = True