0

Currently, I have Samba on Ubuntu Linux 16.04 connecting to a domain controller. When I joined, I joined to ad-1.example.com; however, after two weeks, it found read-only-adc.example.com on its own subnet and proceeded to completely fail to function anymore.

Samba really, really doesn't like read-only domain controllers.

Thus far, I haven't found any way to force Samba to use the primary domain controller one subnet over, either by modifying /etc/krb.conf or putting false information in /etc/hosts (it finds the IP address without looking in the hosts file).

Does anyone know how to resolve this?

John Moser

2 Answers

2

Sure. Put the fully functional controllers in /etc/krb.conf, add `password server = <name of the fully functional controller>` to your smb.conf, and rejoin Samba to your domain, since Samba actually keeps a copy of your krb.conf somewhere inside /var (this differs from distribution to distribution). Also, the step with the password server and the actual /etc/krb.conf may be enough by itself.

drookie
  • I hadn't sufficiently read the documentation, and don't understand AD and LDAP very well. Reading the `password server` documentation within the context of this answer suddenly makes plenty of sense. Thanks! – John Moser Mar 20 '17 at 16:51
0

I'm fairly certain you can just use a hosts entry to accomplish this. Just point example.com to that one domain controller. I'm not sure if you would need to invalidate read-only with a fake IP in the hosts file also, but you could try it if it keeps going back there.

Jeff W.
  • It ignores /etc/hosts entries because it looks up via `lmhosts` and WINS first. You can change this around with `name resolve order`. – John Moser Mar 20 '17 at 17:01
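
The `password server` setting from the first answer combined with the `name resolve order` change from the last comment, as an added configuration example that is not from any of the posters. The realm `EXAMPLE.COM`, the workgroup `EXAMPLE`, the file paths (the Kerberos client file is commonly `/etc/krb5.conf`) and the `security = ads` join mode are assumptions; only `ad-1.example.com` comes from the question.

```ini
# ---- /etc/samba/smb.conf (fragment; constructed values) ----
[global]
    # Assumed: member server joined to AD
    security = ads
    realm = EXAMPLE.COM
    workgroup = EXAMPLE

    # Pin authentication to the writable DC from the question.
    # A value of "*" would let Samba auto-locate a DC, which is how
    # it can end up on the read-only controller on the local subnet.
    password server = ad-1.example.com

    # Resolve through /etc/hosts and DNS ("host") before lmhosts,
    # WINS and broadcast, so a hosts entry is actually consulted.
    name resolve order = host lmhosts wins bcast

# ---- Kerberos client config, commonly /etc/krb5.conf (fragment) ----
[libdefaults]
    default_realm = EXAMPLE.COM
    # Do not discover KDCs through DNS SRV records; use the list below.
    dns_lookup_kdc = false

[realms]
    EXAMPLE.COM = {
        # List only fully functional (writable) controllers here.
        kdc = ad-1.example.com
        admin_server = ad-1.example.com
    }
```

After editing both files, rejoin the domain as the first answer describes so that Samba's own cached copy of the Kerberos configuration is regenerated.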