[Samba] Winbind authentication issues when single Domain Controller down

Richard Anderson rich.anderson at mbx.com
Tue Apr 26 14:58:53 UTC 2022

Our Windows Active directory domain controllers are connected to a switch
that is connected to a firewall. The firewall is then connected to another
switch that is connected to the Samba file server. The domain controllers
are on a server subnet and the fileserver is on a production subnet. Let me
know if this is helpful.

dc1 ---- Switch (Server subnet) ---- Firewall ---- Switch (Production 1
subnet) ---- Samba file server
dc2 --------| |
dc3 ----------|

Here are some tests mentioned in a previous email (this is from the Samba
file server):
"host ourdomain.companydomain.com" returns all 3 of our domain controllers
nslookup with set type=SRV _ldap._tcp.ourdomain.companydomain.com also
returns all three domain controllers

*Sr. Systems Engineer*

On Tue, Apr 26, 2022 at 8:37 AM Rowland Penny via samba <
samba at lists.samba.org> wrote:

> On Tue, 2022-04-26 at 08:27 -0500, Richard Anderson via samba wrote:
> >
> > We have our domain controllers on a separate subnet and DNS is
> > relayed via
> > our firewall. However, the tests I ran against the domain (using
> > nslookup)
> > appeared ok.
> I think you need to explain that in a bit more detail.
> It sounds like your Samba AD DC's are in one subnet and your clients
> are in another. If this is the case, you should be using 'sites', but
> you would still need a minimum of one DC in each site.
> Rowland
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba

More information about the samba mailing list