This assumes that the client knows how to retrieve SRV records though. The first thing I would say to do in troubleshooting this is to do drum roll please..... Network trace, yeah you knew I was going to pull that one didn't you?
Another thing to do would be to use proper authentication with Kerberos. Vintela and Centrify have products to help this be much less painless than it can be. Joe -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Almeida Pinto, Jorge de Sent: Friday, October 14, 2005 3:51 PM To: [email protected]; [email protected] Subject: RE: [ActiveDir] Major issue not sure if 2003 created this problem Well.... To query for ANY DC (or LDAP server) in the domain you use: _ldap._tcp.dc._msdcs.<domain>.<tld> To query for ANY DC (or LDAP server) in a certain site you use: _ldap._tcp.<site name>._sites.dc._msdcs.<domain>.<tld> If a computer does not know its site it uses the first and if it know its site it will use the second. I don't know if a linux client is site aware or can be made site aware (with the samba client?) (and I don't know anything about linux/unix) How is the linux client configured to search for a DC? Cheers, Jorge ________________________________ From: [EMAIL PROTECTED] on behalf of Jennifer Fountain Sent: Fri 10/14/2005 9:23 PM To: [email protected] Subject: [ActiveDir] Major issue not sure if 2003 created this problem Hi all: I currently have my linux boxes configured to log into AD via ldap. I noticed today that even thought I have the host ip hard coded to a local server, each box is trying to authenticate to a DC at a remote site. Has anyone experienced this issue? Kind Regards, Jennifer Fountain Systems Administrator/Security R&B Distribution 3400 E Walnut Street Colmar, PA 18915 **************************************************************************** ***** The information transmitted is intended only for the person or entity to which it is addressed and may contain confidential and/or privileged material. Any review, retransmission, dissemination or other use of, or taking of any action in reliance upon, this information by persons or entities other than the intended recipient is prohibited. If you received this in error, please contact the sender and delete the material from any computer List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ This e-mail and any attachment is for authorised use by the intended recipient(s) only. It may contain proprietary material, confidential information and/or be subject to legal privilege. It should not be copied, disclosed to, retained or used by, any other party. If you are not an intended recipient then please promptly delete this e-mail and any attachment and all copies and inform the sender. Thank you. List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
