We have a UCS member server functioning as file server for home directories in a UCS domain with two DCs. The DCs and member server are all version 4.3-3 errata390. Frequently we experience that the shares are unavailabe. In order to sort the issue I have rejoined the server to the domain each time this has happened. But as we are soon to go into production, this is not a viable solution. Are there any known issues causing this, and could it perhaps be a solution to make the server a DC in order to solve it?
a member server does not have any own authentication possibilities on its local system.
Saying, if a user authenticates the member server always asks one of the DCs for authenticating the user. If this connection fails for any reason the user is getting an access denied.
Are you really sure a rejoin is always the only possible solution? Did you try to troubleshoot the issue to find the root cause for this? I guess you could find something in /var/log/samba files. Have you checked the diagnostic module in UMC? Any hints there? Is the network really (!) reliable?
In case you do not want to troubleshoot you can indeed use a slave server who will be able to perform authentications on his own.
Unfortunately you can not change the role of an UCS server. This is fixed during installation so you would need to set up a new slave server and migrate your shares from member to slave.
I am aware that a member server is dependent on DC for authenticating users, and I cannot definately state that the only solution to my problem is rejoining the machine to the domain. Rejoining, which is fine in a test environment, has solved the problem this far, but soon going into production it’s imperative to get to the root of the problem.
I understand if you find my troubleshooting this far lazy, but I was hoping it might be an issue you were aware of and could point me to some solution. As it has occured quite a number of times now, I will take your kind advice and use the log files and diagnostics module to find the cause of the problem next time it happens.