[Samba] Configuring RHEL6 Samba4 DC for local accounts

[Michael Brown]

On 14-01-26 05:27 PM, Rowland Penny wrote:
> Is your DC really called ad.example.com or is it 
> hostname.ad.example.com? either way I do not think your sssd.conf is 
> going to work, also is there any chance you can update sssd to the 
> latest 1.11 series?
The DC is 'hostname', the realm is ad.example.com. I just pointed ldap 
at the realm to get the advantage(?) of being able to hit any DC.

As it turns out, what I described WORKS. I went back and checked my 
assumptions and realized that the reverse DNS didn't match - 
dc1.ad.example.com's PTR pointed back at dc1.office.example.com.

I had updated it on the DNS master for the internal zones, but bind on 
dc1 had *cached* the old PTR lookup.

Once I flushed, forward and reverse matched and it started working.

BUT, why didn't rnds=false fix this? :(

M.

-- 
Michael Brown               | `One of the main causes of the fall of
Systems Consultant          | the Roman Empire was that, lacking zero,
Net Direct Inc.             | they had no way to indicate successful
☎: +1 519 883 1172 x5106    | termination of their C programs.' - Firth