[Samba] Authentication to Secondary Domain Controller initially fails when PDC is offline
Rowland penny
rpenny at samba.org
Thu Dec 10 09:41:07 UTC 2015
On 10/12/15 09:23, L.P.H. van Belle wrote:
> I was wondering why because in a full windows domain, every DC has an NS record.
>
>
When you join a DC, the basic info is added to AD and then when the
samba deamon is started, samba_dnsupdate is run, this uses the file
dns_update_list to add (if required) various dns records. Guess what dns
records are not in that file?
However, even if you add the missing NS records to the SOA records, if
you use the internal dns server, you will still only have one NS, this
appears to be your first DC. I am beginning to think that if you have
more than one DC, you should forget the internal DNS server and use
BIND_DLZ instead.
Rowland
More information about the samba
mailing list