John Summerfield wrote:
carlopmart wrote:
Hi all,
I have a very very strange problem with 6 rhel5/4 systems, almost for
me. In my infraestructure exists 3 Windows 2003 R2 SP2 servers acting
as a AD domains to authenticate windows workstations and several linux
systems.
One of these three windows 2003 server is located on a remote office:
- Headquarters: ad1 and ad2
- Remote Office: ad3
My 6 rhel based servers are located on headquarters office. All these
6 servers are configured to authenticate to AD servers, but only to
ad1 and ad2 not to ad3. Ok, my problem: yesterday I have shutdown ad3
to do some maintenance tasks. At the same time that I shutdown this AD
server, I can't login as normal user to any of my rhel based servers
(as a root
Can you test this with a Windows server (get an evaluation copy if
necessary) and see whether the problem exists there?
I can login). In /var/log/secure logs appears errors about ldap server
can't be reached, but what server?? ad1 and ad2 are online... I don't
understand why, because any ldap and krb5 configuration file points to
ad3.
When I started ad3 server, all works ok. Doing a tcpdump, I see that
ALL my rhel servers do a first ldap query to ad1 or ad2 and subsequent
ldap querys points to ad3 server instead to ad1 and ad2 servers. I
repeat: on my /etc/ldap.conf and /etc/openldap/ldap.conf I haven't any
param that points to ad3 ... I don't use samba, only ldap and kerberos
config.
Somebody knows why this happens?? I don't understand....
I don't, but I have a Windows-only domain that seems as confused. I have
two DCs, C0 and C1. C0 is the original, and acutely underpowered.
Theoretically, as I understand it, I should be able to turn C0 off and
still login, C0 has no shares and isn't supposed to be the master. It's
not so, if C0 is down then users cannot login.
Thanks John, but with Windows Workstations and Servers all works ok if ad3 is
off, only with rhel servers doesn't works ....
--
CL Martinez
carlopmart {at} gmail {d0t} com
_______________________________________________
rhelv5-list mailing list
[email protected]
https://www.redhat.com/mailman/listinfo/rhelv5-list
