0

I have succesfully added my Freebsd 9 to a Windows server 2008 R2 AD Domain. Using samba 3.6.

The problem is that i want to be able to connect to the shares when the AD server is down.

Because the backup of the AD server is placed onto the BSD 9 system, so when booting the windows server CD repair i cannot connect to the share because of

session setup failed: NT_STATUS_NO_LOGON_SERVERS,

How to make samba use AD and if needed fail over to local passwords only?

EDIT:

The setup is the following.

machine1 Windows Server 2008 R2. machine2 Freebsd amd64 9.0.

machine1 is Active Direcotory Domain Controller. machine1 is PDC WITHOUT any BDC.

machine2 is hosting samba 3.6 and a samba share called backup.

machine2 has joined the AD domain "DOMAIN" using kerberos.

on machine2 getent passwd shows both AD users and local users.

on machine1 \machine2\backup IS accesable with AD user account.

Problems \machine2\backup IS NOT accesable with machine2 unix user account.

machine2's role is to be a NAS to store the Windows Server Backup for machine1. I can succesfully make a windows server backup to the share.

Considering this scenario.

machine1 crashes and needs bare bore restore. machine1 gets booted from win2k8 DVD repair mode.

machine1 cannot get access to \machine2\backup because the AD is down.

user993553
  • 429
  • 3
  • 8
  • Your question needs some serious work. Please update it to be much more clear. For example: What shares? Where are they stored? What kind of authentication do they use? – MDMarra Feb 02 '12 at 19:40
  • Honestly, I would setup redundancy in your AD environment, first. Is there are reason you are avoiding the fundamental problem? – Aaron Copley Feb 02 '12 at 20:36
  • I'm testing in a VirtualBox environment. The production environment has a redundant AD system. I just want to make sure that the backup is easy tor restore in case of both AD servers are down. – user993553 Feb 02 '12 at 21:07
  • mmmh, thanks for input, I came to think of the solution of simply changning the samba options on the freebsd machine while doing the backup, in the rare case that both AD's are down.... I do not think one is able to mix local unix accounts with AD accounts when security = ads. – user993553 Feb 02 '12 at 23:33

1 Answers1

-1

Try This

2011/11/08 10:22:40.604819, 2] auth/auth.c:304(check_ntlm_password) check_ntlm_password: authentication for user [xxx.yyy] -> [xxx.yyy] -> [xxx.yyy] succeeded

[2012/01/11 09:09:00.430424, 2] auth/auth.c:314(check_ntlm_password) check_ntlm_password: Authentication for user [xxx.yyy] -> [xxx.yyy] FAILED with error NT_STATUS_WRONG_PASSWORD

Lepide
  • 9
  • 1