[Samba] Authentication to Secondary Domain Controller initially fails when PDC is offline
James
lingpanda101 at gmail.com
Thu Dec 17 18:39:43 UTC 2015
On 12/17/2015 12:30 PM, Rowland penny wrote:
> On 17/12/15 17:01, James wrote:
>>
>>>
>>> You mean your users don't use domain accounts when they log on to
>>> member servers, but they use local linux users?
>>>
>>>
>>>
>> Correct on my member server.
>>
>
> Then they are *not* domain users
>
>
>
Yes. Sorry for the lack of clarity.
Wireshark traces show my workstation using my other DC to authenticate
and log in with when one is down. Event logs for windows workstations
that had issues had Event 5719 and 1014. These workstations are
portable. I'm thinking a latency issue with DNS resolve? Looking into my
DNS cache and resolver times led me to something interesting. I flushed
my dns cache on a windows workstation. Switched user and viewed my cache
again. It showed the following.
_ldap._tcp.default-first-site-name._sites.dc2.domain.local
---------------------------------------------------------------------------------
Name does not exist.
_ldap.tcp.dc2.domain.local
------------------------------------------
Name does not exist.
A nslookup for _ldap._tcp.domain.local does display all my DC's.
--
-James
More information about the samba
mailing list