-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 02/28/2011 09:29 PM, Robinson, Eric wrote: > There are three DCs in my Windows AD domain, but I have > noticed that only one of them is referenced in my krb.conf > and krb5.conf. Should there be a reference to one or two of > the other domain controllers? If the DC goes down, how will > my Samba/Winbind servers authenticate? > > > -- > Eric Robinson > > Eric,
There should be no problem putting each DC in your krb.conf file. It does allow for failover for kerberos. In your smb.conf file you will also want to list the servers in your "password server" parameter, separated by spaces. Depending on how your samba/winbind is implemented, and the default way most windows domain member machines work, is that they will go to kerberos first then go to lanman/ntlm/ntlmv2. Robert - -- ________ Robert Freeman-Day https://launchpad.net/~presgas GPG Public Key: http://keyserver.ubuntu.com:11371/pks/lookup?op=get&search=0xBA9DF9ED3E4C7D36 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAk1s+8AACgkQup357T5MfTavTQCgtr2iYkBpIaAGwGvgu0ZwCb5t 45cAoIePLwkKfp/+SXR6IS+6iXH+AoUj =2sXL -----END PGP SIGNATURE----- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
