-
Story
-
Resolution: Unresolved
-
Minor
-
rhel-9.0.0
-
None
-
rhel-idm-uah
-
ssg_idm
-
0
-
False
-
False
-
-
None
-
None
-
None
-
None
-
If docs needed, set a value
-
-
Unspecified
-
None
-
57,005
Description of problem:
Customer environment cannot use default behavior of Samba (actually winbind according to Alexander), where it gets a list of AD servers to communicate with. Global customer AD infrastructure has AD components broken out to different servers for replicating and handling the load on different AD server components. Only specific AD servers are running the components that Samba/winbind need to query. Currently we are handling this by outgoing firewall rules and a static AD list on every system running Samba/winbind. AD pinning capability will help (which is not available), but we are requesting AD Site capability to centralize this list and allow the AD admins to manage the list queried by Samba/winbind.
Version-Release number of selected component (if applicable):
Apparently not supported under current Samba/winbind version
How reproducible:
currently occurring
Expected results:
winbind utilizes AD Sites list for querying AD servers
Additional info: