Hello,
I have a linux server that is joined to our domain that has multiple Domain
Controllers at multiple sites.
The DCs are all synced together and this is a Windows Server 2003
environment.
I configured a linux server to join the domain using winbind (security ads).
That is, it was joined with "net ads join -U user@DOMAIN.COM"
When I configured the server, I installed krb5 but removed the krb5.conf
file. Because our site has multiple synced domain controllers, I would let
winbind use the service dns records to find the Kerberos server to use.
Figured this was smart in case a DC died, it would automatically find
another DC to use.
Everything is working just fine, but the DC (i.e. the kerberos server) that
winbind uses seems to be fairly random and sometimes picks a DC that is at a
site that is across the country. It's a perfectly valid DC but it's far
away
so winbind runs extremely slow and sometimes will timeout.
Is there a way I can pick which DC winbind will connect to when it querying
for user/group information?
I've setup the krb5.conf file and restarted samba and winbind but "net
ads
info" and "net ads lookup" still shows it using a DC that is far
away.
Can I pick which DC is used in this situation?
Thanks.
