[Samba] Samba domain member DC preferred list

Andrea Cucciarre' acucciarre at cloudian.com
Mon Apr 20 17:20:40 UTC 2020 

Hello Rowland,

One of my customer is reporting that sometime intermittently they can't 
access the share.
When the issue appear the "wbinfo ping-dc"  and "net ads info" show the 
following:

# /opt/samba/bin/wbinfo --ping-dc
checking the NETLOGON for domain[FLEET] dc connection to "" failed
failed to call wbcPingDc: WBC_ERR_DOMAIN_NOT_FOUND

# /opt/samba/bin/net ads info
LDAP server: 10.5.20.13
LDAP server name: VSPWADRO01M.FLEET.AD
Realm: FLEET.AD
Bind Path: dc=FLEET,dc=AD
LDAP port: 389
Server time: Mon, 20 Apr 2020 01:08:45 EDT
KDC server: 10.5.20.13
Server time offset: 0
Last machine account password change: Tue, 03 Mar 2020 11:48:12 EST

It seems the issue started when they added a read only domain 
controller, which is just VSPWADRO01M.FLEET.AD
When the issue is recovered the "wbinfo ping-dc"  and "net ads info" 
show the following, so the DC selected is not VSPWADRO01M.FLEET.AD

# /opt/samba/bin/net ads info
LDAP server: 10.5.2.11
LDAP server name: PSPWAD01P.FLEET.AD
Realm: FLEET.AD
Bind Path: dc=FLEET,dc=AD
LDAP port: 389
Server time: Mon, 20 Apr 2020 03:59:19 EDT
KDC server: 10.5.2.11
Server time offset: 0
Last machine account password change: Tue, 03 Mar 2020 11:48:12 EST

# /opt/samba/bin/wbinfo --ping-dc
checking the NETLOGON for domain[FLEET] dc connection to 
"vspwad01p.FLEET.AD" succeeded

Regards
Andrea






Regards
Andrea Cucciarre'


On 4/20/2020 7:01 PM, Rowland penny via samba wrote:
> On 20/04/2020 17:49, Andrea Cucciarre' via samba wrote:
>> Does the "password server" setting in the smb.conf achieve it?
> No, you shouldn't use this, you should allow Samba to choose the best 
> DC to use.
>>
>> On 4/20/2020 6:40 PM, Andrea Cucciarre' wrote:
>>> Hello,
>>>
>>> Is there a way to provide a list of DC that Samba should try to join?
>>> I know that in command "net ads join" I can use "-S" to select with 
>>> DC to use, but it seems it doesn't accept list, only one single server.
>
> Why do you feel you need to do this ?
>
> If you do not specify a DC to use during the join, Samba will search 
> for the best DC to use.
>
> It might help if you can tell us why you need to specify a particular 
> DC or list of DC's.
>
> Rowland
>
>
>
>

More information about the samba mailing list