[Samba] auth to two diff PDCs? (success, sort of)

[Andrew Bartlett]

Andrew Bartlett wrote:
> 
> Matthew Hannigan wrote:
> >
> > With a single server, settings "security = server"  and
> > "password server =  pdc1 pdc2', I can successfully
> > authenticate against two entirely different PDCs
> > depending on which order I put the two machines in
> > the 'password server' list.
> >
> > Is there someway of forcing clients from either
> > domain to authenticate against the 'right' pdc,
> > regardless of the order in the 'password server'
> > config?
> >
> > What is the algo for choosing auth server out of a
> > list, anyway?
> >
> > If so it'd be a nice cheap way of getting what
> > we would otherwise have to wait for trust relationship
> > support for.
> 
> The reason we don't support this already is that while the auth works, a
> *lot* of other things break.

But if one PDC trusts the other, then secrutiy=domain will do this stuff
fine.

Andrew Bartlett

-- 
Andrew Bartlett                                 abartlet at pcug.org.au
Manager, Authentication Subsystems, Samba Team  abartlet at samba.org
Student Network Administrator, Hawker College   abartlet at hawkerc.net
http://samba.org     http://build.samba.org     http://hawkerc.net