forcing winbind/samba to use single server

Question

In a network, there are 2 AD servers. We are integrating samba and squid with AD for user authentication. Interestingly one of the servers does not allow us for enough security level. So we have to use one of them. In spite of using IP and realm of the working server, winbind/samba may choose to use other. We can examine this situation with "net ads info".

Is there any way to ping samba to use single server as AD and password server and not to allow chosing others in the AD pool?

krisFR · Answer 1 · 2014-01-09T11:08:34.377

1

You can use this directive in smb.conf in [Global] section :

password server = SERVER_AD.domain.tld

This will force Samba to use a specific Server to validate username/password authentication.

http://www.samba.org/samba/docs/man/manpages-3/smb.conf.5.html#PASSWORDSERVER

edited Jan 09 '14 at 11:08

answered Jan 09 '14 at 10:56

krisFR

12,830
3
31
40

1

This setting is already added but does not work. – seaquest Jan 09 '14 at 14:43
What makes you think that it does not work ? – krisFR Jan 09 '14 at 15:52
Using `wbinfo --getdcname=DOMAIN` indicates that the setting is not obeyed. – DustWolf Aug 27 '21 at 13:55

forcing winbind/samba to use single server

1 Answers1