[Samba] R: R: R: R: samba remote site client authentication and network browsing problem

Rowland Penny rpenny at samba.org
Fri Jan 3 09:06:21 UTC 2025


On Fri, 3 Jan 2025 08:29:59 +0000
Manzini Enrico <emanzini at zensistemi.com> wrote:

> Hi Rowland, below, the servers and the remote client dns configuration
> 
> Server's dns configuration:
> DC-1:
>  - themself
>  - DC-2
> 
> DC-2
>  - themself
>  - DC-1
> 
> RODC-1
>  - DC-1
>  - DC-2
>  - themself
> 

In my opinion, all Samba AD DCs should only have themselves as their
nameserver, if something goes wrong, can you really rely on what it
returns if it is coming from another DC ?

When we come to your RODC, well it is looks to me that your clients are
asking the RODC for domain records and the RODC is going 'hang on, I
will ask DNS and, when it is online, DC-1 returns the info and the RODC
passes it to the client. When DC-1 is offline (which probably means
that DC-2 is as well), the client asks for a domain record, the RODC
asks DC-1 for the data, only it cannot find DC-1, so it waits for about
30 seconds and then tries DC-2, waits for about 30 seconds and then
finally tries itself and you 'may' get an answer if that record has
replicated.

Please fix your DNS.

Rowland

PS: Please do not CC me




More information about the samba mailing list