I'm having the same problem with the wrong DC being used. I think it
might be the Kerberos setup on the Unix box that's at fault, as it
only points to the offsite DC not the local one, though it could allow
for multiple. Our support organisation is investigating ...
On Wed 10/03/10 7:51 AM , "Vaudo, David" dva...@bentley.edu sent:
Set will tell you which logon server has handled the clients logon.
Look for LOGONSERVER:
There could be something wrong with our local DC. Run DCDIAG and
check the event viewer for errors in directory service and DNS.
From: Casey Allen Shobe [ca...@shobe.info [1]]
Sent: Tuesday, March 09, 2010 4:12 PM
To: Vaudo, David
Cc: samba@lists.samba.org [2]
Subject: Re: [Samba] Active Directory domain controller
authentication order
Thanks,
I've found the following, as I only have read-only access to the
sites and services stuff:
* Our subnet is associated with our site definition.
* Under our site --> Servers, only the local domain controller is
listed.
I also googled around and found out about "set l" on the command
line, which shows our local DC. But I'm not sure how useful this is,
because the VPN tunnel has been broken for a couple days and the
logins are more recent than that.
On Tue, Mar 9, 2010 at 3:38 PM, Vaudo, David wrote:
Make sure the subnets in AD Sites and Services are correctly
configured. I believe they perform to functions:
1. To control DC replication traffic between sites.
2. To make clients authenticate with local domain controllers first.
Thanks
David
-----Original Message-----
From: samba-boun...@lists.samba.org [samba-boun...@lists.samba.org
[5]] On Behalf Of Casey Allen Shobe
Sent: Tuesday, March 09, 2010 3:31 PM
To: samba@lists.samba.org
Subject: [Samba] Active Directory domain controller authentication
order
Hello,
I'm curious if anybody knows how to configure the order in which
domain
controllers are contacted by clients for authentication purposes and
other
such stuff. I've a situation where it seems that all our Windows
computers
are attempting to authenticate off of a remote server before the
local one,
which is backwards. I'm not even certain where to check what they are
actually attempting to authenticate against, but whenever a VPN
tunnel we
have to an upstream office breaks, logins and file share browsing and
other
stuff slows to a crawl.
Thanks for any hints,
--
Casey Allen Shobe
ca...@shobe.info
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba [9]
--
Casey Allen Shobe
ca...@shobe.info
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba [11]
Links:
------
[1] mailto:ca...@shobe.info
[2] mailto:samba@lists.samba.org
[3] mailto:dva...@bentley.edu
[4] mailto:samba-boun...@lists.samba.org
[5] mailto:samba-boun...@lists.samba.org
[6] mailto:samba-boun...@lists.samba.org
[7] mailto:samba@lists.samba.org
[8] mailto:ca...@shobe.info
[9] https://lists.samba.org/mailman/options/samba
[10] mailto:ca...@shobe.info
[11] https://lists.samba.org/mailman/options/samba
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
