Ole Traupe
2015-Dec-17 13:54 UTC
[Samba] Authentication to Secondary Domain Controller initially fails when PDC is offline
Rowland, thank you, but before we do that: - what now with the 'gc' record? 2nd DC yes or no? - if you say that the internal DNS is not compatible with a multi-DC setting, than we can stop here, no? Ole Am 17.12.2015 um 14:32 schrieb Rowland penny:> On 17/12/15 12:50, Ole Traupe wrote: >> >> I somehow doubt that. Still it seems that no one here has an idea of >> why log-on from member servers isn't working properly (for me). >> However, in the meantime I have created all the necessary DNS >> records. This can't be the issue anymore. >> >> > > If you are sure that you now have all the dns records for both DCs in > AD, then I would agree that this is probably not the issue (there is > just the 0.1% chance you are still missing something) > > Can your domain members find the DCs ? > Do your domain members have a FQDN ? > Are they joined to the domain ? > What have got in smb.conf on the domain members ? > > You may have posted all or some of this before, but lets start again. > > Rowland >
Rowland penny
2015-Dec-17 14:33 UTC
[Samba] Authentication to Secondary Domain Controller initially fails when PDC is offline
On 17/12/15 13:54, Ole Traupe wrote:> Rowland, thank you, but before we do that: > > - what now with the 'gc' record? 2nd DC yes or no?Which one ? I have these: dn: DC=_gc._tcp.Default-First-Site-Name._sites,DC=samdom.example.com,CN=MicrosoftDNS,DC=DomainDnsZones,DC=samdom,DC=example,DC=com dn: DC=_gc._tcp,DC=samdom.example.com,CN=MicrosoftDNS,DC=DomainDnsZones,DC=samdom,DC=example,DC=com dn: DC=_ldap._tcp.gc,DC=_msdcs.samdom.example.com,CN=MicrosoftDNS,DC=ForestDnsZones,DC=samdom,DC=example,DC=com dn: DC=_ldap._tcp.Default-First-Site-Name._sites.gc,DC=_msdcs.samdom.example.com,CN=MicrosoftDNS,DC=ForestDnsZones,DC=samdom,DC=example,DC=com dn: DC=gc,DC=_msdcs.samdom.example.com,CN=MicrosoftDNS,DC=ForestDnsZones,DC=samdom,DC=example,DC=com They all contain two dnsrecords, one from each DC> - if you say that the internal DNS is not compatible with a multi-DC > setting, than we can stop here, no? >Please stop putting words in my mouth :-) All I said was that you will only get one NS record if you use the internal DNS server, everything else seems to work though, although I haven't tried turning the first DC off yet. Rowland> Ole > > > Am 17.12.2015 um 14:32 schrieb Rowland penny: >> On 17/12/15 12:50, Ole Traupe wrote: >>> >>> I somehow doubt that. Still it seems that no one here has an idea of >>> why log-on from member servers isn't working properly (for me). >>> However, in the meantime I have created all the necessary DNS >>> records. This can't be the issue anymore. >>> >>> >> >> If you are sure that you now have all the dns records for both DCs in >> AD, then I would agree that this is probably not the issue (there is >> just the 0.1% chance you are still missing something) >> >> Can your domain members find the DCs ? >> Do your domain members have a FQDN ? >> Are they joined to the domain ? >> What have got in smb.conf on the domain members ? >> >> You may have posted all or some of this before, but lets start again. >> >> Rowland >> > >
Ole Traupe
2015-Dec-17 14:56 UTC
[Samba] Authentication to Secondary Domain Controller initially fails when PDC is offline
Am 17.12.2015 um 15:33 schrieb Rowland penny:> On 17/12/15 13:54, Ole Traupe wrote: >> Rowland, thank you, but before we do that: >> >> - what now with the 'gc' record? 2nd DC yes or no? > > Which one ? I have these: > > dn: > DC=_gc._tcp.Default-First-Site-Name._sites,DC=samdom.example.com,CN=MicrosoftDNS,DC=DomainDnsZones,DC=samdom,DC=example,DC=com > > dn: > DC=_gc._tcp,DC=samdom.example.com,CN=MicrosoftDNS,DC=DomainDnsZones,DC=samdom,DC=example,DC=com > > dn: > DC=_ldap._tcp.gc,DC=_msdcs.samdom.example.com,CN=MicrosoftDNS,DC=ForestDnsZones,DC=samdom,DC=example,DC=com > > dn: > DC=_ldap._tcp.Default-First-Site-Name._sites.gc,DC=_msdcs.samdom.example.com,CN=MicrosoftDNS,DC=ForestDnsZones,DC=samdom,DC=example,DC=com > > dn: > DC=gc,DC=_msdcs.samdom.example.com,CN=MicrosoftDNS,DC=ForestDnsZones,DC=samdom,DC=example,DC=com > > They all contain two dnsrecords, one from each DC > >> - if you say that the internal DNS is not compatible with a multi-DC >> setting, than we can stop here, no? >> > > Please stop putting words in my mouth :-) > > All I said was that you will only get one NS record if you use the > internal DNS server,Ok. And do you *need* both?> everything else seems to work though, although I haven't tried turning > the first DC off yet.Why? I mean, could you perhaps? Please?> > Rowland > >> Ole >> >> >> Am 17.12.2015 um 14:32 schrieb Rowland penny: >>> On 17/12/15 12:50, Ole Traupe wrote: >>>> >>>> I somehow doubt that. Still it seems that no one here has an idea >>>> of why log-on from member servers isn't working properly (for me). >>>> However, in the meantime I have created all the necessary DNS >>>> records. This can't be the issue anymore. >>>> >>>> >>> >>> If you are sure that you now have all the dns records for both DCs >>> in AD, then I would agree that this is probably not the issue (there >>> is just the 0.1% chance you are still missing something) >>> >>> Can your domain members find the DCs ? >>> Do your domain members have a FQDN ? >>> Are they joined to the domain ? >>> What have got in smb.conf on the domain members ? >>> >>> You may have posted all or some of this before, but lets start again. >>> >>> Rowland >>> >> >> > >
Maybe Matching Threads
- Authentication to Secondary Domain Controller initially fails when PDC is offline
- Authentication to Secondary Domain Controller initially fails when PDC is offline
- Authentication to Secondary Domain Controller initially fails when PDC is offline
- Authentication to Secondary Domain Controller initially fails when PDC is offline
- Authentication to Secondary Domain Controller initially fails when PDC is offline