[Samba] How to join Windows server to domain using a Samba RODC / login only against RW DCs?
Jakob Curdes
jc at info-systems.de
Wed Jan 24 14:54:38 UTC 2024
Hello, we have setup a SAMBA4 RODC in our setup where we have two
exisitng RW Samba4 DC's.
The RODC is joined correctly and can preload user accounts etc. It also
can resolve its own name and the name of other DC's, also the SRV
records needed.
We created an own site with specific subnet for this RODC "area".
But we did not manage to get a join of a Windows server working without
also opening the firewall to the RW DCs, and, what is worse,*even after
the join, the domain logon only works as long as the firewall is open*,
otherwise it will fail with an error about the computer account not
being present, although after a manual replication , the computer
account that was automatically created during the join (on an RW
controller) was correctly replicated to the RODC. So some info is
missing on the RODC, but which? Any experience here on the list with
samba4 RODC's ?
Regards, Jakob
More information about the samba
mailing list