[Samba] question on password server =

Andrew Bartlett abartlet at samba.org
Thu Jun 15 11:17:28 UTC 2017 

On Thu, 2017-06-15 at 10:14 +0200, mj via samba wrote:
> Nobody knows..?
> 
> Or my question is unclear..?
> 
> MJ

Please just don't.  I know Samba is incredibly flexible in the options
it accepts, but every time someone tries to be extra tricky it sets up
a case for strange failure in the long term.  

Andrew Bartlett

> On 06/14/2017 09:59 AM, mj via samba wrote:
> > Hi,
> > 
> > I would like to ask how exactly the "password server =" smb.conf option 
> > works. The man pages say that the option is to "restrict Samba to to do 
> > all its username/password validation using a specific remote server"
> > 
> > I know that we should normally leave it empty, to have samba 
> > auto-discover the DCs. But my question is:
> > 
> > Suppose it's defined it like:
> >  > password server = samba4.domain.com
> > 
> > and the dns samba4.domain.com resolves to our DCs, like:
> > 
> > > root at pf:~# host -t A samba4.company.com
> > > samba.merit.unu.edu has address 192.168.0.1
> > > samba.merit.unu.edu has address 192.168.0.2
> > > samba.merit.unu.edu has address 192.168.0.3
> > > root at pf~# host -t A  samba4.company.com
> > > samba.merit.unu.edu has address 192.168.0.2
> > > samba.merit.unu.edu has address 192.168.0.3
> > > samba.merit.unu.edu has address 192.168.0.1
> > 
> > But DCs can be offline. Hence the question below:
> > 
> > Which scenario applies:
> > #1: samba talks to all three IPs for all connection attempts, and just 
> > waits to see which DC happens to be online / offline?
> > 
> > or
> > 
> > #2: samba talks to 192.168.0.1 on the first connection, and 192.168.0.2 
> > for the next? (using the round-robin dns)
> >  From load balancing perspective, this second option spreads the load 
> > much nicer, but when a DC happens to be offline, 1/3 of the connection 
> > attempts would timeout...
> > 
> > Can anyone tell me how this works?
> > 
> > MJ
> > 
> 
> 
-- 
Andrew Bartlett                       http://samba.org/~abartlet/
Authentication Developer, Samba Team  http://samba.org
Samba Developer, Catalyst IT          http://catalyst.net.nz/services/samba

More information about the samba mailing list