Rowland penny
2021-Feb-26 09:15 UTC
[Samba] Samba, Domains, Realms, Workgroups, on an AD DC
On 25/02/2021 22:01, Robert Steinmetz wrote:> Damn Typos. > > > The 'usually' above is part of my confusion using your example? I > therefore could have a realm SAMDOM.EXAMPLE.COM and a netbios domain > name of 'ANYTHING' > If I'm following this and I'm probably got something wrong I could > also have a realm of EXAMPLE.COM and a netbios domain name of 'ANYTHING' > The only problem with that would be, and I already ran into this, is > that if the DNS Domain example.com had members outside the current LAN > then their names would not resolve as those DNS requests would be > handled by the local samba DNS server which would have not knowledge > of them and would not forward the requests to the upstream DNS server, > unless I missed else something here.If your 'members' are not in the AD dns domain, then they cannot be domain members>> >> The netbios name is the hostname in uppercase. > The Linux (or Unix) hostname is the left most part of the FQDN so in > the above example the FQDN would be computername.samdom.example.com > assuming the Unix hostname and NetBIOS names are the same.They have to be the same.> > Taking this a step further, is it possible to have AD DCs in separate > locations reliably maintain all of the data for two or more locations > for redundancy and consistency? > That would seem to require a realm that is the same across all > locations which seems to rule out local DNS subdomains. >Yes, but you do not use different realms, you use a thing called 'sites': https://wiki.samba.org/index.php/Active_Directory_Sites Rowland