[Samba] How to Configure Samba to Use Multiple AD Logon Servers for Redundancy

Andrew Bartlett abartlet at samba.org
Fri Nov 4 15:15:03 MDT 2011

On Tue, 2011-11-01 at 23:29 -0700, Robinson, Eric wrote:
> Our samba boxes are integrated with our Windows 2003 AD domain, with
> Windows servers acting as AD domain controllers. Everything is working
> fine, but in my krb.conf and krb5.conf files on my Linux boxes, I
> currently only have one Windows server specified as the AD logon server.
> If that server is down, I suspect that Linux users could not login. How
> to I specify more than one AD domain controller in my Kerberos/samba
> config files?

For Samba, just don't specify 'password server'.  

For krb5.conf, set 

 dns_lookup_kdc = true

It is actually less work to have this 'do the right thing' than to
hard-code a single server :-)

Andrew Bartlett

Andrew Bartlett                                http://samba.org/~abartlet/
Authentication Developer, Samba Team           http://samba.org

More information about the samba mailing list