Re: [Samba] SRV records.
- Date: Sun, 19 May 2019 12:10:22 +0100
- From: Rowland penny via samba <samba@xxxxxxxxxxxxxxx>
- Subject: Re: [Samba] SRV records.
On 19/05/2019 11:46, A. James Lewis via samba wrote:
OK, fair point... perhaps I wasn't clear enough, this happens a lot...
probably my brain just operates on a different wavelength.... in my
original message I said "what method does it use to decide which is
the correct (most local?) domain controller to connect to"
The answer I got was "it uses sites, you need to set up sites"... the
answer I was hoping for was one of
From the info initially supplied, that was probably the only answer you
a) "If your AD controller has sites set up, and you do the SRV lookup
against the AD controllers own DNS server then it will send you only
local AD controllers based on the source subnet of the DNS query"
b) "If your AD controller has sites set up,then there will be some
broadcast magic happening from the AD controller informing the clients
how to prioritize the AD servers returned from the SRV query"
It is actually a mixture of a & b ;-)
I did say that the page needs updating, but Samba does support sites. It
was samba-tool that didn't support creating sites, but it does now,
updating that page is on my 'things to do' list.
c) /something else/
Having read the samba wiki article on sites you linked (Thanks
muchly), and the microsoft technet it references, I'm now even more
confused, since you stated that nothing needs to be done at the client
and it works exactly like a windows client... and that samba does not
support sites (which in light of the earlier comment, I took to mean
that support for sites is not in the client).
Good point, I will look into this, but the 'SRV' record should exist in
AD if 'sites' is set up correctly.
However, the technet article states that "When a client requests a
domain controller, it provides its site name to DNS."... which implies
that there must be some support in the client... and the Samba Wiki
article suggests that this information is encoded into the SRV query,
under a "sites" subdomain, which also implies that the client is
complicit, and must know it's site name.
Finally, the original comment is that it does not work if I query via
a BIND nameserver, which seems not to make sense if it's just encoded
in a subdomain, a'la
"_ldap._tcp._MySite_._sites.dc._msdcs.samdom.example.com". This makes
me think that there must be a "site =" parameter in the smb.conf.
Not to my knowledge, but winbind is site aware, so, as far as I am
aware, it should work.
I hope it's clear why I'm confused.... and I apologize if I
contributed to said confusion.
No problem, but you have got me thinking, I don't use sites, so I will
have to set up a test domain to test all this ;-)
To unsubscribe from this list go to the following URL and read the