Multiple AD Password Servers

[Klinger, John (N-CSC)]

Not only did I post this to the wrong group [sorry about that],
it is not a problem. If the name cannot be resolved, winbindd
does startup after a few minutes. I was just not waiting long
enough.

john

> -----Original Message-----
> From: Klinger, John (N-CSC) 
> Sent: Wednesday, March 24, 2004 9:00 PM
> To: 'Samba-Technical (E-mail)'
> Subject: RE: Multiple AD Password Servers
> 
> 
> Just ran a quick check, setting the activedsvr2 in /etc/hosts to
> an unused address. Winbindd was fine with that and quickly started
> up. It looks like it is only if the name can't be resolved.
> 
> > -----Original Message-----
> > From: Klinger, John (N-CSC) 
> > Subject: Multiple AD Password Servers
> > 
> > 
> > Solaris 8; Samba 3.0.1 smbd, nmbd, and winbindd; 
> > security=ads; openldap idmap backend.
> > 
> > We've been running with a couple of ADs specified in our 
> > password server like:
> > 
> > password server = activedsvr  activedsvr2
> > 
> > This has worked wonders until tonight, when we tested against 
> > a machine that couldn't resolve activedsvr2 (no /etc/hosts
> > or DNS entry). Unfortunately, winbindd doesn't work unless
> > it can contact both, staying in a loop attempting to find
> > activedsvr2 and not servicing pam.conf, nsswitch, or clients.
> > As soon as I add activedsvr2 to the /etc/hosts file, winbindd
> > flies along merrily. I can even then punt one of the servers
> > and winbindd will still continue working.
> > 
> > Unfortunately, I'm going to be working on this tomorrow, and 
> > hopefully have it solved the same day. So I'd *truly*
> > appreciate input on whether winbindd's "I won't start until
> > I find all the password servers" is by design. I'm hoping
> > it is hanging on just the name resolution and not the server 
> > being down. I'll be checking that tomorrow, too.
> > 
> > Thanks for your comments.
>