[Samba] Query for DC in the same site...

Marco Gaiarin gaio at sv.lnf.it
Tue May 15 10:55:21 UTC 2018 

In my scripts i'm using that query to catch DC:

	host -t SRV _kerberos._udp.ad.fvg.lnf.it | awk '{print $NF}'| sed 's/.$//'

and works, but now that the domain get more complex, i want to limit
server lookups to the DC in the same site.

Googling around lead me to:

	https://patternbuffer.wordpress.com/2007/12/13/finding-your-active-directory-site-and-domain-controllers/

and seems to work. With the local network i can get the site:

 root at vdcsv1:~# ldbsearch -H /var/lib/samba/private/sam.ldb -b "CN=Subnets,CN=Sites,CN=Configuration,DC=ad,DC=fvg,DC=lnf,DC=it" "(cn=10.5.0.0/16)" siteObject
 # record 1
 dn: CN=10.5.0.0/16,CN=Subnets,CN=Sites,CN=Configuration,DC=ad,DC=fvg,DC=lnf,DC=it
 siteObject: CN=SanVito,CN=Sites,CN=Configuration,DC=ad,DC=fvg,DC=lnf,DC=it
 
 # returned 1 records
 # 1 entries
 # 0 referrals

and doing the simple lookup, i can get the DC:

 root at vdcsv1:~# ldbsearch -H /var/lib/samba/private/sam.ldb -b "CN=SERVERS,CN=SanVito,CN=Sites,CN=Configuration,DC=ad,DC=fvg,DC=lnf,DC=it" "" dNSHostName
 # record 1
 dn: CN=dd6587e9-483d-41bc-aa4c-e2fe5c1af453,CN=NTDS Settings,CN=VDCSV1,CN=Servers,CN=SanVito,CN=Sites,CN=Configuration,DC=ad,DC=fvg,DC=lnf,DC=it
 
 # record 2
 dn: CN=NTDS Settings,CN=VDCSV1,CN=Servers,CN=SanVito,CN=Sites,CN=Configuration,DC=ad,DC=fvg,DC=lnf,DC=it
 
 # record 3
 dn: CN=Servers,CN=SanVito,CN=Sites,CN=Configuration,DC=ad,DC=fvg,DC=lnf,DC=it
 
 # record 4
 dn: CN=4d851fe0-967d-40c6-b1ba-c1d96b196042,CN=NTDS Settings,CN=VDCSV2,CN=Servers,CN=SanVito,CN=Sites,CN=Configuration,DC=ad,DC=fvg,DC=lnf,DC=it
 
 # record 5
 dn: CN=6703f3ea-d6f9-4907-8afd-b021256cb1af,CN=NTDS Settings,CN=VDCSV1,CN=Servers,CN=SanVito,CN=Sites,CN=Configuration,DC=ad,DC=fvg,DC=lnf,DC=it
 
 # record 6
 dn: CN=NTDS Settings,CN=VDCSV2,CN=Servers,CN=SanVito,CN=Sites,CN=Configuration,DC=ad,DC=fvg,DC=lnf,DC=it
 
 # record 7
 dn: CN=76a7bad4-ccee-4f19-887d-4903a2e8b095,CN=NTDS Settings,CN=VDCSV2,CN=Servers,CN=SanVito,CN=Sites,CN=Configuration,DC=ad,DC=fvg,DC=lnf,DC=it
 
 # record 8
 dn: CN=c353aadd-e738-42a8-a024-d6631c7e5876,CN=NTDS Settings,CN=VDCSV2,CN=Servers,CN=SanVito,CN=Sites,CN=Configuration,DC=ad,DC=fvg,DC=lnf,DC=it
 
 # record 9
 dn: CN=VDCSV1,CN=Servers,CN=SanVito,CN=Sites,CN=Configuration,DC=ad,DC=fvg,DC=lnf,DC=it
 dNSHostName: vdcsv1.ad.fvg.lnf.it
 
 # record 10
 dn: CN=VDCSV2,CN=Servers,CN=SanVito,CN=Sites,CN=Configuration,DC=ad,DC=fvg,DC=lnf,DC=it
 dNSHostName: vdcsv2.ad.fvg.lnf.it
 
 # returned 10 records
 # 10 entries
 # 0 referrals

But i was not able to use the third query (in 'Update:'), to prevent catching server
in other forest domains.
Ok, samba does not support forests, but...


Someone can help me? Thanks.

-- 
dott. Marco Gaiarin				        GNUPG Key ID: 240A3D66
  Associazione ``La Nostra Famiglia''          http://www.lanostrafamiglia.it/
  Polo FVG   -   Via della Bontà, 7 - 33078   -   San Vito al Tagliamento (PN)
  marco.gaiarin(at)lanostrafamiglia.it   t +39-0434-842711   f +39-0434-842797

		Dona il 5 PER MILLE a LA NOSTRA FAMIGLIA!
      http://www.lanostrafamiglia.it/index.php/it/sostienici/5x1000
	(cf 00307430132, categoria ONLUS oppure RICERCA SANITARIA)

More information about the samba mailing list