[Samba] Should krb.conf and krb5.conf have entries for multiple domain controllers?
presgas at gmail.com
Tue Mar 1 06:59:28 MST 2011
-----BEGIN PGP SIGNED MESSAGE-----
On 02/28/2011 09:29 PM, Robinson, Eric wrote:
> There are three DCs in my Windows AD domain, but I have
> noticed that only one of them is referenced in my krb.conf
> and krb5.conf. Should there be a reference to one or two of
> the other domain controllers? If the DC goes down, how will
> my Samba/Winbind servers authenticate?
> Eric Robinson
There should be no problem putting each DC in your krb.conf file. It
does allow for failover for kerberos. In your smb.conf file you will
also want to list the servers in your "password server" parameter,
separated by spaces.
Depending on how your samba/winbind is implemented, and the default way
most windows domain member machines work, is that they will go to
kerberos first then go to lanman/ntlm/ntlmv2.
GPG Public Key:
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
-----END PGP SIGNATURE-----
More information about the samba