Thursday, February 05, 2004
Samba 3.0 group mappings vanished
after restarting the machine hosting our Samba 3 pdc, the domain nt-> nis group mappings vanished, probably because they were directed to /var/lock/samba.
We suspect RedHat clears out the /var/lock subfiles when rebooting. I directed samba at compile time to store lock files there. I didn't realize that Samba 3.0 included this group mapping information in the lock file location. The reasoning behind this is still unclear to me; it is fairly static information. Best I can figure is that it has to be world-readable, so its stuck with the other world-readable info, like the WINS mappings.
The lock directory location was altered in smb.conf. The files are now in /var/state
I also added lines to the /etc/init.d/smb-pdc script to backup the domain .tbd files at shutdown and to verify them at restart. The tdbbackup program must run when smbd is off, otherwise it could corrupt the files.
after restarting the machine hosting our Samba 3 pdc, the domain nt-> nis group mappings vanished, probably because they were directed to /var/lock/samba.
We suspect RedHat clears out the /var/lock subfiles when rebooting. I directed samba at compile time to store lock files there. I didn't realize that Samba 3.0 included this group mapping information in the lock file location. The reasoning behind this is still unclear to me; it is fairly static information. Best I can figure is that it has to be world-readable, so its stuck with the other world-readable info, like the WINS mappings.
The lock directory location was altered in smb.conf. The files are now in /var/state
I also added lines to the /etc/init.d/smb-pdc script to backup the domain .tbd files at shutdown and to verify them at restart. The tdbbackup program must run when smbd is off, otherwise it could corrupt the files.
