[Samba] Authentication to Secondary Domain Controller initially fails when PDC is offline

Ole Traupe ole.traupe at tu-berlin.de
Tue Dec 22 10:44:24 UTC 2015

>>> Can I suggest that you do what I did, create your own small test 
>>> domain in VMs using Bind9
>> Yes, that is a good idea. However, from what I had read before, much 
>> of it on the Samba wiki, I was expecting Samba4 to just work with 
>> multiple DCs. I still wonder why no one ever seems to have tested or 
>> questioned that (publicly). And I don't feel that I have to question 
>> something myself that is broadly recommended: use the internal DNS 
>> unless you really have to do otherwise (even by the developers, it 
>> seems). In addition, bind9 working with multiple DC's does not 
>> necessarily mean that internal DNS won't.
> I am going to discuss this with Marc and the rest of the team, like 
> you, I am surprised that nobody has raised this before. I have always 
> used Samba with Bind9, so was unaware of this possible problem, it 
> only came to head for me when you mentioned it. I then found I only 
> had one NS  record in the SOA and this lead to where we are now.

Hi Rowland,

Again: thanks a lot for your support.

Merry Christmas and good holidays to the list!


>> I also feel the need to would like to state that I am a part-time 
>> admin and I can't test something for a year or so (like others) 
>> before I go into production. With Samba 4 I was rather happy to find 
>> something that won't require so much work (although it feels 
>> differently now, partially due to me being more or less a newbee to 
>> unix-based systems, I guess).
> It doesn't need much looking after, once you have got it up and 
> running :-)
> Rowland

More information about the samba mailing list