Hi, I would like to ask for some feedback on the generated samba configs in the chroot in packetfence.
The generated smb.conf includes a "password server = dc.ad.company.com". On the samba mailinglist, it's always recommened to use the auto discovery (using DNS) to locate the DCs. This will make use of ALL DC's, plus there's no need edit the config file, when you make changes to your DCs. The packetfence generated krb5.conf does also not seem to use autodiscover, but the same specific DC again. Samba folks recommend krb5.conf to contain just: > [libdefaults] > default_realm = SAMDOM.EXAMPLE.COM > dns_lookup_realm = false > dns_lookup_kdc = true (note also the UPPERCASE realm) (see https://wiki.samba.org/index.php/Setting_up_Samba_as_a_Domain_Member) But perhaps packetfence has valid reasons to not use those recommended settings..? Our concern is: we have three DCs, and packetfence only uses one. We would like to have failover for samba and krb, and use all DCs. How can we enable that behaviour in a packetfence-friendly way? MJ ------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot _______________________________________________ PacketFence-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/packetfence-users
