The LDAP on machine one is the Zimbra LDAP, not another instance of LDAP.
The idea is that Zimbra and domain authentication will work with only machine 1 running. Machine 2 is a fileserver that will depend on machine 1 being present for authentication, but machine 1 is not dependent on machine 2 at all.
Now that I have thoroughly confused you, here's my smb from machine 1 (the PDC):
Code:
[global]
workgroup = MEDALIST
netbios name = mail
os level = 34
preferred master = yes
enable privileges = yes
server string = %h server (Samba, Ubuntu)
wins support = yes
dns proxy = no
name resolve order = wins bcast hosts
log file = /var/log/samba/log.%m
log level = 3
max log size = 1000
syslog only = no
syslog = 0
panic action = /usr/share/samba/panic-action %d
security = user
encrypt passwords = true
ldap passwd sync = yes
passdb backend = ldapsam:ldap://mail.medalist.com.au/
ldap admin dn = "cn=config"
ldap suffix = dc=medalist,dc=com,dc=au
ldap group suffix = ou=groups
ldap user suffix = ou=people
ldap machine suffix = ou=machines
obey pam restrictions = no
passwd program = /usr/bin/passwd %u
passwd chat = *Enter\snew\sUNIX\spassword:* %n\n *Retype\snew\sUNIX\spassword:* %n\n *password\supdated\ssuccessfully* .
domain logons = yes
logon path = \\mail.medalist.com.au\%U\profile
logon home = \\mail.medalist.com.au\%U
logon drive = K:
logon script = logon.cmd
add user script = /usr/sbin/adduser --quiet --disabled-password --gecos "" %u
add machine script = /usr/sbin/adduser --shell /bin/false --disabled-password --quiet --gecos "machine account" --force-badname %u
socket options = TCP_NODELAY
domain master = yes
local master = yes
And using it as a base, the modified smb.conf for machine 2:
Code:
[global]
workgroup = MEDALIST
netbios name = server1
os level = 33
preferred master = yes
enable privileges = yes
server string = %h server (Samba, Ubuntu)
wins support = no
dns proxy = no
name resolve order = wins bcast hosts
log file = /var/log/samba/log.%m
log level = 3
max log size = 1000
syslog only = no
syslog = 0
panic action = /usr/share/samba/panic-action %d
security = user
encrypt passwords = true
ldap passwd sync = yes
passdb backend = ldapsam:ldap://mail.medalist.com.au/
ldap admin dn = "cn=config"
ldap suffix = dc=medalist,dc=com,dc=au
ldap group suffix = ou=groups
ldap user suffix = ou=people
ldap machine suffix = ou=machines
obey pam restrictions = no
domain logons = yes
logon path = \\mail.medalist.com.au\%U\profile
logon home = \\mail.medalist.com.au\%U
logon drive = K:
logon script = logon.cmd
socket options = TCP_NODELAY
domain master = no
local master = yes
What I changed was to remove the passwd lines, the add user and machine lines, change the domain master to no and wins support to no.
I'm not sure if it should be the local master or whether it should be the preferred master.
Something is still wrong because I can't even connect to machine 2 from Windows, even if I use the IP address.