[Samba] Authentication to Secondary Domain Controller initially fails when PDC is offline
lingpanda101 at gmail.com
Wed Dec 9 16:50:50 UTC 2015
On 12/9/2015 11:33 AM, Ole Traupe wrote:
>> - But when I try to ssh to a member server, it still takes forever,
>> and a 'kinit' on a member server gives this:
>> "kinit: Cannot contact any KDC for realm 'MY.DOMAIN.TLD' while
>> getting initial credentials"
>> My /etc/krb5.conf looks like this (following your suggestions,
>> Rowland, as everything else are defaults):
>> default_realm = MY.DOMAIN.TLD
>> And my /etc/resolv.conf is this:
>> search my.domain.tld
>> nameserver IP_of_1st_DC
>> nameserver IP_of_2nd_DC
> Any idea why I still get this when trying to log on to a member server
> while the first DC is down?
> # kinit: Cannot contact any KDC for realm 'MY.DOMAIN.TLD' while
> getting initial credentials
Can you try a few things? All on your member server. What is the
testparm | grep "name resolve order"
kinit administrator at MY.DOMAIN.TLD -V
More information about the samba