[Samba] DC's are unavailable when PDC halted

Ervin Hegedüs airween at gmail.com
Wed Nov 8 16:20:09 UTC 2017


Hi,


On Wed, Nov 08, 2017 at 03:21:28PM +0000, Rowland Penny wrote:
> On Wed, 8 Nov 2017 14:33:28 +0100
> Ervin Hegedüs <airween at gmail.com> wrote:
> 
> > When I turned off open-ldap2 and open-ldap works, then
> > wbinfo -a returns successfully, but only after 30 seconds.
> 
> 
> OK, the problem here is not that you have turned off the first DC, it
> is that the client keeps trying to connect to it for 30 seconds.
> 
> You need to add: 
> 
> 'timeout:1 attempts:2 rotate' 
> 
> to /etc/resolv.conf

Okay, maybe I've found something interesting: the DCs have 2
network interfaces (eth0: 192.168.100.n/26, eth1: 10.10.20.m/25).

We planned that eth0 and that network would be used.

But I've added the other network's addresses to DNS too.

Perhaps this was my mistake, because I've removed the 10.10.20.x
addresses from DNS (from the domain, and from the DCs' A records), and now
when I turn off any DC (as long as another works, of course), the client can
authenticate!

But. :)

After some minutes, the 10.10.20.x address came back to DNS...
and I didn't set it up...

# host -t A core.mydomain.hu
core.mydomain.hu has address 192.168.255.100
core.mydomain.hu has address 192.168.255.99

(takes a few minutes...)

# host -t A core.mydomain.hu
core.mydomain.hu has address 192.168.255.100
core.mydomain.hu has address 10.10.20.202
core.mydomain.hu has address 192.168.255.99


How can I prevent this record from appearing in the zone?

I can delete that with samba-tool:

# samba-tool dns delete open-ldap.core.mydomain.hu core.mydomain.hu core.mydomain.hu A 10.10.20.202  -Uadministrator at core.mydomain.hu
Password for [administrator at core.mydomain.hu]:
Record deleted successfully
# host -t A core.mydomain.hu
core.mydomain.hu has address 192.168.255.100
core.mydomain.hu has address 192.168.255.99


But it comes back again after some minutes...


Thanks,


a.



