[Samba] AD and SAMBA
abartlet at samba.org
Thu May 10 20:37:22 MDT 2012
On Wed, 2012-05-09 at 18:31 +0530, Biju_babu at cargill.com wrote:
> Hello all,
> I am trying to understand how SAMBA finds nearest Domain Controller when
> configured to use Active Directory for AuthN.
> There are some great articles and wikis about how to configure SAMBA
> against AD, but couldn't find much on what I was looking for.
> For example
> 1. Does Samba have built in dc locator functionality like windows
> clients ?
> 2. What is the default authN it uses, NTLM or Kerb ?
This is up to the client to choose, we support both.
> 3. I understand from an article
> (http://timstechnoblog.blogspot.com/search/label/Linux) that Winbind
> when configured to use * for domain controller will invoke Dc locator
> mechanism, but couldn't completely understand the relation b/w Samba and
> Winbind - is it SAMBA always uses winbind for AD communication and
> authentication ?
Yes. You should always start winbindd, and it will be the sole channel
for communication with Active Directory.
> Root of all these questions are, SAMBA AD config I saw is configured to
> use a single password server, which is a single point of failure. I am
> trying to figure out how to avoid that.
Simply omit 'password server' from your smb.conf. By default we find
the most appropriate DC to contact,
Andrew Bartlett http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
More information about the samba