[Samba] secondary domain controller doesn't get used
Jason Keltz
jas at eecs.yorku.ca
Thu Dec 3 15:55:27 UTC 2020
As I mentioned yesterday, I setup a secondary domain controller.
In my /etc/krb5.conf on all my test AD clients, I specify the IP of both
kdcs:
[realms]
AD.EECS.YORKU.CA = {
kdc = IP1
kdc = IP2
}
If I'm logged into a system using the DC at IP1, and I stop the DC
processes on IP1, then I try to run a command such as "whoami" on the AD
client, I get "whoami: cannot find name for user ID X".
If I try to ssh to the system, my password doesn't work.
If I then put back up the DC processes on IP1, everything works.
What am I missing? Isn't the point of the alternate domain controller
that I should be able to take one away, and the other would be used?
Jason.
More information about the samba
mailing list