[Samba] Authentication to Secondary Domain Controller initially fails when PDC is offline
Rowland penny
rpenny at samba.org
Thu Dec 10 13:38:35 UTC 2015
On 10/12/15 13:25, Ole Traupe wrote:
> Is it possible that kdc server is always the SOA, at least if derived
> from DNS and not specified *explicitly* in the krb5.conf?
>
> In my DNS-Manager console I find that
>
> _tcp.dc._msdcs.bpn.tu-berlin.de
>
> contains only 1 "_kerberos" record, and that one points to my First_DC.
>
> Ole
>
>
>
Your problem doesn't seem to be a dns problem, you should have two
'kerberos' records and no matter how good your dns is, it cannot obtain
something that isn't there :-)
See Louis's earlier post for how to attempt to fix this, but before you
do anything, restart samba on the second DC and then check the logs,
samba_dnsupdate should add the records you are missing.
Rowland
More information about the samba
mailing list