[Samba] Authentication to Secondary Domain Controller initially fails when PDC is offline

Rowland penny rpenny at samba.org
Thu Dec 17 15:10:42 UTC 2015


On 17/12/15 14:56, Ole Traupe wrote:
>
>
> On 17.12.2015 at 15:33, Rowland penny wrote:
>> On 17/12/15 13:54, Ole Traupe wrote:
>>> Rowland, thank you, but before we do that:
>>>
>>> - what now with the 'gc' record? 2nd DC yes or no?
>>
>> Which one ? I have these:
>>
>> dn: DC=_gc._tcp.Default-First-Site-Name._sites,DC=samdom.example.com,CN=MicrosoftDNS,DC=DomainDnsZones,DC=samdom,DC=example,DC=com
>>
>> dn: DC=_gc._tcp,DC=samdom.example.com,CN=MicrosoftDNS,DC=DomainDnsZones,DC=samdom,DC=example,DC=com
>>
>> dn: DC=_ldap._tcp.gc,DC=_msdcs.samdom.example.com,CN=MicrosoftDNS,DC=ForestDnsZones,DC=samdom,DC=example,DC=com
>>
>> dn: DC=_ldap._tcp.Default-First-Site-Name._sites.gc,DC=_msdcs.samdom.example.com,CN=MicrosoftDNS,DC=ForestDnsZones,DC=samdom,DC=example,DC=com
>>
>> dn: DC=gc,DC=_msdcs.samdom.example.com,CN=MicrosoftDNS,DC=ForestDnsZones,DC=samdom,DC=example,DC=com
>>
>> They all contain two dnsrecords, one from each DC
>>
>>> - if you say that the internal DNS is not compatible with a multi-DC 
>>> setting, then we can stop here, no?
>>>
>>
>> Please stop putting words in my mouth :-)
>>
>> All I said was that you will only get one NS record if you use the 
>> internal DNS server, 
>
> Ok. And do you *need* both?

Not sure, but Microsoft says you should have a SOA record for each DC 
that runs DNS.

>
>
>
>> everything else seems to work though, although I haven't tried 
>> turning the first DC off yet.
>
> Why? I mean, could you perhaps? Please?
>

Probably, but not today, will do it as soon as possible.

Rowland
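
A check for the point raised in this message, that every gc locator record should hold an entry from each DC. This is an added example, not code from the thread: it maps the quoted directory DNs to the DNS names a client looks up and flags any SRV name whose targets omit a DC. The DC host names and the answer sets are constructed; on a live domain the targets would come from SRV lookups of each name.

```python
# Added example. DC host names and SRV answers below are constructed, not from the thread.
GC_DNS = [  # the five DNs quoted in the message
    "DC=_gc._tcp.Default-First-Site-Name._sites,DC=samdom.example.com,CN=MicrosoftDNS,DC=DomainDnsZones,DC=samdom,DC=example,DC=com",
    "DC=_gc._tcp,DC=samdom.example.com,CN=MicrosoftDNS,DC=DomainDnsZones,DC=samdom,DC=example,DC=com",
    "DC=_ldap._tcp.gc,DC=_msdcs.samdom.example.com,CN=MicrosoftDNS,DC=ForestDnsZones,DC=samdom,DC=example,DC=com",
    "DC=_ldap._tcp.Default-First-Site-Name._sites.gc,DC=_msdcs.samdom.example.com,CN=MicrosoftDNS,DC=ForestDnsZones,DC=samdom,DC=example,DC=com",
    "DC=gc,DC=_msdcs.samdom.example.com,CN=MicrosoftDNS,DC=ForestDnsZones,DC=samdom,DC=example,DC=com",
]

def dn_to_fqdn(dn):
    """Map DC=<node>,DC=<zone>,CN=MicrosoftDNS,... to the DNS owner name."""
    head, sep, _ = dn.partition(",CN=MicrosoftDNS,")
    parts = head.split(",")
    if not sep or len(parts) != 2 or not all(p.upper().startswith("DC=") for p in parts):
        raise ValueError("not a MicrosoftDNS node DN: " + dn)
    node, zone = (p[3:] for p in parts)
    return zone if node == "@" else node + "." + zone  # "@" is the zone apex

def missing_dcs(answers, expected):
    """Return {owner name: DCs absent from its SRV targets}, incomplete names only."""
    want = {h.lower().rstrip(".") for h in expected}
    gaps = {}
    for name, targets in answers.items():
        seen = {t.lower().rstrip(".") for t in targets}
        if want - seen:
            gaps[name] = sorted(want - seen)
    return gaps

# gc._msdcs.<domain> holds A records, so only the "_"-prefixed SRV names are checked here.
SRV_NAMES = [n for n in map(dn_to_fqdn, GC_DNS) if n.startswith("_")]

# Constructed inputs: two hypothetical DCs, and one record set that lost its second DC.
EXPECTED_DCS = ["dc1.samdom.example.com", "dc2.samdom.example.com"]
ANSWERS = {n: ["DC1.samdom.example.com.", "dc2.samdom.example.com."] for n in SRV_NAMES}
ANSWERS["_gc._tcp.samdom.example.com"] = ["dc1.samdom.example.com."]

if __name__ == "__main__":
    for name, absent in missing_dcs(ANSWERS, EXPECTED_DCS).items():
        print(name, "is missing", ", ".join(absent))
```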






