Dan Johnson
2012-Jun-21 11:42 UTC
[Samba] dc locator/site awareness, and samba-winbind-krb5-locator
Hi all A couple of questions for you on domain integration: Firstly, can someone please explain to me where/how a samba device's site info is cached? I see from a trace that when winbind starts it goes through the usual process that a windows device does (DNS query for non site-specific SRV, LDAP query/response with site name, DNS query for site-specific SRV). - How is the site info cached? - How can the cache be refreshed? - Is it possible to manually set a site (like configuring the SiteName registry entry on a windows box) Secondly, I installed the samba-winbind-krb5-locator plugin (on Fedora), how can I tell this is actually working? It no longer queries DNS for the _kerberos or _kpasswd SRV records (cf windows client) so I am assuming it is working ok. However before I did the domain join, it was still doing default Kerberos behaviour (i.e. looking for _kerberos and_kerberos-master, with no site info requested). I couldn't see anything in the man pages for winbind. I am an AD person not a UNIX person so thanks in advance for any insights/top tips from samba gurus :) Dan Johnson
Dan Johnson
2012-Jun-26 09:23 UTC
[Samba] dc locator/site awareness, and samba-winbind-krb5-locator
Apologies, have I put this in the wrong place? Is this perhaps something I need to ask the technical list? Dan Johnson ________________________________________ From: samba-bounces at lists.samba.org [samba-bounces at lists.samba.org] On Behalf Of Dan Johnson [dan at djjconsulting.com] Sent: 21 June 2012 12:42 To: samba at lists.samba.org Subject: [Samba] dc locator/site awareness, and samba-winbind-krb5-locator Hi all A couple of questions for you on domain integration: Firstly, can someone please explain to me where/how a samba device's site info is cached? I see from a trace that when winbind starts it goes through the usual process that a windows device does (DNS query for non site-specific SRV, LDAP query/response with site name, DNS query for site-specific SRV). - How is the site info cached? - How can the cache be refreshed? - Is it possible to manually set a site (like configuring the SiteName registry entry on a windows box) Secondly, I installed the samba-winbind-krb5-locator plugin (on Fedora), how can I tell this is actually working? It no longer queries DNS for the _kerberos or _kpasswd SRV records (cf windows client) so I am assuming it is working ok. However before I did the domain join, it was still doing default Kerberos behaviour (i.e. looking for _kerberos and_kerberos-master, with no site info requested). I couldn't see anything in the man pages for winbind. I am an AD person not a UNIX person so thanks in advance for any insights/top tips from samba gurus :) Dan Johnson