Hi Samba List!
Used samba3 for years, now it's time for samba4 (thanks!!!)
Unfortunately I am not familiar with certain microsoft concepts about AD
and the roles of domain controllers.
I've got three vm's for my experiments:
1) a samba4 domain controller test1.test.local
2) a samba4 additional domain controller test2 joined to my domain
test.local.
3) a win7 workstation that is joined to domain test.local and has ip's
of both test1 and test2 for dns
If I understand correctly, dns and ad are synchronized between test1 and
test2 per samba-tool drs show-repl
What I want, is to have a test2 be a failover domain controller if test1
is offline for some reason.
My experiment went like this:
1) service samba4 stop on test1.test.local to simulate failure
2) still log in on win7 workstation to test2, i think this is due to
cached credentials
3) call up active directory users and computers on win7
4) make some changes to ad and have those replicated from test2->test1
when it comes back online
However, I get the message on the win7 vm:
"Naming information cannot be located because: the system detected a
possible attempt to compromise security. Please ensure that you can
contact the server that authenticated you. Contact your system
administrator to verify that your domain is properly configured and is
currently online."
Any suggestions?
Is there something I need to do to "pass the hat" to test2?
Can it be passed back to test1 afterward?
thanks!
mtoal
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
