[Samba] How to Configure Samba to Use Multiple AD Logon Serversfor Redundancy

Robinson, Eric eric.robinson at psmnv.com
Thu Nov 3 11:24:47 MDT 2011


Hi Marcel -- thanks for the info. What about the krb.conf file? Is it
possible to specify additional domain controllers in there too?

--
Eric Robinson
Director of Information Technology
Physician Select Management, LLC
775-885-2211 x 111
 

> -----Original Message-----
> From: samba-bounces at lists.samba.org 
> [mailto:samba-bounces at lists.samba.org] On Behalf Of Robinson, Eric
> Sent: Wednesday, November 02, 2011 6:54 AM
> To: Marcel de Reuver; samba at lists.samba.org
> Subject: Re: [Samba] How to Configure Samba to Use Multiple 
> AD Logon Serversfor Redundancy
> 
> > > Our samba boxes are integrated with our Windows 2003 AD
> > domain, with
> > > Windows servers acting as AD domain controllers. Everything
> > is working
> > > fine, but in my krb.conf and krb5.conf files on my Linux boxes, I 
> > > currently only have one Windows server specified as the AD
> > logon server.
> > > If that server is down, I suspect that Linux users could 
> not login. 
> > > How to I specify more than one AD domain controller in my 
> > > Kerberos/samba config files?
> > >
> > >
> > >
> > >
> > You can point to more DC's:
> > 
> > [realms]
> > YOURDOMAIN.COM = {
> > kdc = pdc.yourdomain.com
> > kdc = dc-01.yourdomain.com
> > kdc = dc-02.yourdomain.com
> > admin_server = pdc.yourdomain.com
> > master_kdc = pdc.yourdomain.com
> > }
> > 
> > --
> > BR, Marcel de Reuver
> > --
> 
> That is good information, Marcel! What about my krb.conf 
> file? It currently looks like this:
> 
> 	MYDOMAIN.COM     dc01.mydomain.com:88
> 	MYDOMAIN.COM     dc01.mydomain.com:749 admin server
> 
> Should I specify additional AD domain controllers here as 
> well, and if so, what is the syntax?
> 
> --Eric
> 
> 
> 
> Disclaimer - November 2, 2011
> This email and any files transmitted with it are confidential 
> and intended solely for Marcel de 
> Reuver,samba at lists.samba.org. If you are not the named 
> addressee you should not disseminate, distribute, copy or 
> alter this email. Any views or opinions presented in this 
> email are solely those of the author and might not represent 
> those of Physicians' Managed Care or Physician Select 
> Management. Warning: Although Physicians' Managed Care or 
> Physician Select Management has taken reasonable precautions 
> to ensure no viruses are present in this email, the company 
> cannot accept responsibility for any loss or damage arising 
> from the use of this email or attachments. 
> This disclaimer was added by Policy Patrol: 
> http://www.policypatrol.com/
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba
> 


More information about the samba mailing list