[Samba] question about kdc=
Doug Tucker
tuckerd at engr.smu.edu
Fri May 9 14:26:28 GMT 2008
We have a couple of samba 3.x servers that are members of our windows
AD, and authenticate users via AD. Our realm defininition in kdc5.conf
was the likes of domain.net, and our kdc definition was pdc.domain.net.
All worked just fine. However, the pdc was taken down for a move, and
winbind could no longer look up user accounts. I changed the kdc
definition to bdc.domain.net, but it was unable to look up users. Then
out of desperation, we changed the kdc definition to the same thing as
the realm, just domain.net, and it then was able to look up user
accounts again, against the bdc obviously since the pdc was down, but
what is puzzling is why when pointed directly at the bdc, it could not.
Can anyone shed any light on this?
More information about the samba
mailing list