Re: [Samba] winbind occasionally failing to find domain controllers for trusted domains - Samba

This is a discussion on Re: [Samba] winbind occasionally failing to find domain controllers for trusted domains - Samba ; -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Jason Haar wrote: > Hi there > > We have a bunch of Win2K3 trusted domains that are > parts of other forests from our own Win2K3 forest. .... > Have I missed something ...

+ Reply to Thread
Results 1 to 2 of 2

Thread: Re: [Samba] winbind occasionally failing to find domain controllers for trusted domains

  1. Re: [Samba] winbind occasionally failing to find domain controllers for trusted domains

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1

    Jason Haar wrote:
    > Hi there
    >
    > We have a bunch of Win2K3 trusted domains that are
    > parts of other forests from our own Win2K3 forest.

    ....

    > Have I missed something that could make these trusts
    > more reliable? We are running Samba-3.0.24 under CentOS4.4


    We should be talking to DNS anyways in this case.
    Can you DNS resolve teh SRV records for the trusted domain?

    Do you have "host" listed in the "name resolve order" option
    in smb.conf ?



    cheers, jerry
    ================================================== ===================
    Samba ------- http://www.samba.org
    Centeris ----------- http://www.centeris.com
    "What man is a man who does not make the world better?" --Balian
    -----BEGIN PGP SIGNATURE-----
    Version: GnuPG v1.4.3 (GNU/Linux)
    Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

    iD8DBQFGE8xNIR7qMdg1EfYRAoj8AJ94N3JZ6wnjWswrOwEEiO UumGKhYwCg3yFx
    dzLXWx7KLUe/LCjzAE+1tBU=
    =ePHX
    -----END PGP SIGNATURE-----
    --
    To unsubscribe from this list go to the following URL and read the
    instructions: https://lists.samba.org/mailman/listinfo/samba

  2. Re: [Samba] winbind occasionally failing to find domain controllers for trusted domains

    Gerald (Jerry) Carter wrote:
    > Jason Haar wrote:
    > > Hi there

    >
    > > We have a bunch of Win2K3 trusted domains that are
    > > parts of other forests from our own Win2K3 forest.

    > ...
    > We should be talking to DNS anyways in this case.
    > Can you DNS resolve teh SRV records for the trusted domain?
    >

    Absolutely. The Samba servers just use the local Active Directory DNS
    servers - and indeed they can resolve these domains correctly (e.g the
    SRV records for "_ldap._tcp.DOMAIN")

    > Do you have "host" listed in the "name resolve order" option
    > in smb.conf ?
    >
    >


    It's set to "lmhosts wins host bcast", and /etc/nsswitch.conf is set to
    "hosts: files dns"

    Thanks!

    --
    Cheers

    Jason Haar
    Information Security Manager, Trimble Navigation Ltd.
    Phone: +64 3 9635 377 Fax: +64 3 9635 417
    PGP Fingerprint: 7A2E 0407 C9A6 CAF6 2B9F 8422 C063 5EBB FE1D 66D1

    --
    To unsubscribe from this list go to the following URL and read the
    instructions: https://lists.samba.org/mailman/listinfo/samba

+ Reply to Thread