[Samba] question on password server =

Rowland Penny rpenny at samba.org
Thu Jun 15 11:10:04 UTC 2017


On Thu, 15 Jun 2017 12:04:54 +0200
"L.P.H. van Belle via samba" <samba at lists.samba.org> wrote:


> Imo. The suggestion of packetfence.. 
> Its not wrong to use : password server = internal.domain.tld
> But it is not the same as   : password server = *

No it is not the same, but it is the next best thing to it.

> 
> What we need here is, how does this exact work. ( from the password
> server setting/function/code etc.. ) 
> 
> What i think, 
> In case of password server = internal.domain.tld
> PF resolves internal.domain.tld, and comes back with one of the 2
> domain controllers in this example. And to my believe but this is
> more a developer question, so Rowland pay attention..  ;-) If the
> resolving is done by the "password server" setting, does it check if
> the server is online. 

Not an expert here, but I would image that yes, this probably does
check if the DC is on line, but probably not in the way you think.

If you use 'password server = *', I would expect Samba to check for
DCs and then use the nearest/best one it finds. If you use 'password
server' in the way that packetfence suggests, you will get a list of
DCs and then Samba will use the first one on that list and if it doesn't
reply, it will try the next one and so until connects.

As I said, This is my understanding of how it works, if it is wrong,
I am sure someone like Andrew will jump in and explain it better.
 
Rowland



More information about the samba mailing list