[Samba] Choosing a DC in a multiple DC network

Mike M endfx1 at gmail.com
Fri Nov 28 01:53:58 GMT 2008


Hello,

I have a linux server that is joined to our domain that has multiple Domain
Controllers at multiple sites.
The DCs are all synced together and this is a Windows Server 2003
environment.

I configured a linux server to join the domain using winbind (security =
ads).
That is, it was joined with "net ads join -U user at DOMAIN.COM"

When I configured the server, I installed krb5 but removed the krb5.conf
file. Because our site has multiple synced domain controllers, I would let
winbind use the service dns records to find the Kerberos server to use.
Figured this was smart in case a DC died, it would automatically find
another DC to use.

Everything is working just fine, but the DC (i.e. the kerberos server) that
winbind uses seems to be fairly random and sometimes picks a DC that is at a
site that is across the country. It's a perfectly valid DC but it's far away
so winbind runs extremely slow and sometimes will timeout.

Is there a way I can pick which DC winbind will connect to when it querying
for user/group information?
I've setup the krb5.conf file and restarted samba and winbind but "net ads
info" and "net ads lookup" still shows it using a DC that is far away.

Can I pick which DC is used in this situation?

Thanks.


More information about the samba mailing list