[It is more an AD question than a Samba question, but...]

I need to do some LDAP queries in an AD domain, plain LDAP queries, mostly to query non-auth data (e.g., emails).

Is there a DNS name that maps to 'round robin the AD DCs of the current site'? I need an 'A' record, not an SRV record, e.g. I need to put in my apps/MFP/... an LDAP server DNS name that round robins between the site's DCs, or all the DCs.

I hope I was clear. Thanks.

--
dott. Marco Gaiarin    GNUPG Key ID: 240A3D66
Associazione ``La Nostra Famiglia''    http://www.lanostrafamiglia.it/
Polo FVG - Via della Bontà, 7 - 33078 - San Vito al Tagliamento (PN)
marco.gaiarin(at)lanostrafamiglia.it   t +39-0434-842711   f +39-0434-842797

Donate your 5 PER MILLE to LA NOSTRA FAMIGLIA!
http://www.lanostrafamiglia.it/index.php/it/sostienici/5x1000
(tax code 00307430132, category ONLUS or RICERCA SANITARIA)
Using the FQDN of the domain should do exactly that: return all IPs of the domain in a round-robin fashion.

$ nslookup ad.mydomain.ch
Server:         192.168.77.8
Address:        192.168.77.8#53

Name:   ad.mydomain.ch
Address: 192.168.77.9
Name:   ad.mydomain.ch
Address: 192.168.77.8

$ dig ad.mydomain.ch

; <<>> DiG 9.11.5-P4-5.1-Raspbian <<>> ad.mydomain.ch
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 50642
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 2, ADDITIONAL: 3

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
; COOKIE: 7f13fd4b30b47de7ef0fca875f2be936b97903879ee7a090 (good)
;; QUESTION SECTION:
;ad.mydomain.ch.               IN      A

;; ANSWER SECTION:
ad.mydomain.ch.        900     IN      A       192.168.77.9
ad.mydomain.ch.        900     IN      A       192.168.77.8

;; AUTHORITY SECTION:
ad.mydomain.ch.        900     IN      NS      dc2.ad.mydomain.ch.
ad.mydomain.ch.        900     IN      NS      dc1.ad.mydomain.ch.

;; ADDITIONAL SECTION:
dc1.ad.mydomain.ch.    900     IN      A       192.168.77.8
dc2.ad.mydomain.ch.    900     IN      A       192.168.77.9

;; Query time: 12 msec
;; SERVER: 192.168.77.8#53(192.168.77.8)
;; WHEN: Thu Aug 06 13:27:50 CEST 2020
;; MSG SIZE  rcvd: 172

On 29.07.2020 16:40, Marco Gaiarin via samba wrote:
> [It is more an AD question than a Samba question, but...]
>
>
> I need to do some LDAP queries in an AD domain, plain LDAP queries, mostly
> to query non-auth data (e.g., emails).
>
> Is there a DNS name that maps to 'round robin the AD DCs of the current
> site'? I need an 'A' record, not an SRV record, e.g. I need to put in my
> apps/MFP/... an LDAP server DNS name that round robins between the
> site's DCs, or all the DCs.
>
>
> I hope I was clear. Thanks.
>
Bind returns via Round Robin. Samba Internal DNS does not -- it is sequential (I don't know how it is weighted). It is for exactly this reason -- referring to ldaps://ad.mydomain.tld and trusting DNS to eventually return all of the DCs -- that I switched to Bind.
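Added example (not part of the thread and not Samba or Bind code): a client that cannot count on the DNS server rotating its answers, as reported above for the Samba internal DNS, can resolve every A record of the domain name itself, shuffle them and use the first DC that accepts a connection on the LDAPS port. The function names and the plain TCP probe are assumptions of this example; ad.mydomain.ch is the example domain used in the thread.

```python
import random
import socket

LDAPS_PORT = 636  # standard LDAP-over-TLS port


def resolve_a_records(name):
    """Return the de-duplicated IPv4 addresses the resolver gives for name."""
    infos = socket.getaddrinfo(name, LDAPS_PORT, socket.AF_INET, socket.SOCK_STREAM)
    seen = []
    for _family, _type, _proto, _canon, sockaddr in infos:
        if sockaddr[0] not in seen:
            seen.append(sockaddr[0])
    return seen


def tcp_probe(address, port=LDAPS_PORT, timeout=2.0):
    """True if a TCP connection to address:port opens within the timeout."""
    try:
        with socket.create_connection((address, port), timeout=timeout):
            return True
    except OSError:
        return False


def pick_dc(name, resolve=resolve_a_records, probe=tcp_probe, rng=random):
    """Pick a reachable DC for name without relying on DNS answer order.

    Returns (address, tried): the first address that answered the probe
    (None if none did) and the addresses probed, in the order they were tried.
    """
    candidates = list(resolve(name))
    rng.shuffle(candidates)  # spread load even if the server answers sequentially
    tried = []
    for address in candidates:
        tried.append(address)
        if probe(address):
            return address, tried
    return None, tried


if __name__ == "__main__":
    # ad.mydomain.ch is the example domain from the thread.
    print(pick_dc("ad.mydomain.ch"))
```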
Hello! Norbert Hanke via samba wrote on that day:

> Using the FQDN of the domain should do exactly that: return all IPs of
> the domain in a round-robin fashion.

Ahem, simple and effective, indeed. Thanks.

But my question was a bit more complex than that: in a multisite domain, is there a query that returns the 'A' records of the DCs of the current site, in a round-robin (RR) fashion?

Thanks.

--
dott. Marco Gaiarin