krb5.conf Second domain controller

[Konstantin Pobudzey]

Hi Michael
Thanks You for reply.

On 11/11/2010 4:21 PM, Michael Wood wrote:
> Hi
>
> I have copied my reply to samba-technical.
>
> On 11 November 2010 18:17, Konstantin Pobudzey<5836000 at gmail.com>  wrote:
> [...]
>> I did net/vampire with success.
> Which version of Samba did you use?*Alfa13 from tar*
>
>> 1)
>> I noticed that second domain controller not listening on port 3268. Is this normal ?
> I'm not sure.  I have not checked for this in the past when I did a
> net vampire and I currently only have one Samba 4 DC.
>
> I see that port is supposed to be for the Global Catalogue.  I would
> guess that all DCs should listen on this port, but I don't know for
> sure.
>
>> (
>> /usr/local/samba/private/dns_update_list  file suggest to have record for gc service for second domain controller )
> Well then I suppose the second one should be listening on that port
> too.  Did you see anything in the logs about this?  What version of
> Samba is it?
>
>> 2) Should I add record for dc2 in  /etc/krb5.conf on both servers ?
>> I suggest
>> [realms]
>>   TEST.LOCAL = {
>>    kdc = dc1.test.local:88
>> kdc = dc2.test.local:88
>>    admin_server = dc1.test.local:749
>> admin_server = dc2.test.local:749
>>    default_domain = test.local
> I don't think this is necessary, because the clients can look up the
> information in DNS.  (Although the admin server is not in DNS, or at
> least not with that port, so not sure what it's for exactly.)
>
> You might need this in your krb5.conf:
>
> [libdefaults]
>   dns_lookup_realm = true
>   dns_lookup_kdc = true
>   default_realm = TEST.LOCAL
*Yes . I have this part.*
> Perhaps someone else on the list can clarify.
>