SYSTEM WARNING: 'date_default_timezone_get(): It is not safe to rely on the system's timezone settings. You are *required* to use the date.timezone setting or the date_default_timezone_set() function. In case you used any of those methods and you are still getting this warning, you most likely misspelled the timezone identifier. We selected the timezone 'UTC' for now, but please set date.timezone to select your timezone.' in '/usr/share/mantis/www/core.php' line 264

0000356: Active Directory NTLM auth does not use BDC - MantisBT
MantisBT - Endian Firewall
View Issue Details
0000356Endian FirewallApplication Level Proxiespublic2007-11-28 17:552007-12-31 19:11
peter-endian 
simon-endian 
normalminoralways
closedfixed 
2.2-beta1 
2.2-beta2 
0000356: Active Directory NTLM auth does not use BDC
BDC will not be used when PDC fails

in /etc/samba/smb.conf.tmpl the line
password server = $NTLM_PDC
need to be
password server = $NTLM_PDC $NTLM_BDC
No tags attached.
Issue History
2007-11-28 17:55peter-endianNew Issue
2007-11-28 18:07peter-endianNote Added: 0000672
2007-11-28 18:10peter-endianStatusnew => assigned
2007-11-28 18:10peter-endianAssigned To => ra-endian
2007-11-29 00:18peter-endianNote Added: 0000673
2007-11-29 00:18peter-endianStatusassigned => confirmed
2007-12-03 16:27peter-endianStatusconfirmed => assigned
2007-12-03 16:27peter-endianAssigned Tora-endian => simon-endian
2007-12-03 16:32simon-endianStatusassigned => resolved
2007-12-03 16:32simon-endianFixed in Version => 2.2
2007-12-03 16:32simon-endianResolutionopen => fixed
2007-12-03 16:32simon-endianNote Added: 0000681
2007-12-31 15:05raphael-endianFixed in Version2.2-beta1 => 2.2-beta2
2007-12-31 19:11raphael-endianStatusresolved => closed

Notes
(0000672)
peter-endian   
2007-11-28 18:07   
probably we need also a:
[realms]
 $AUTH_REALM = {
  kdc = $NTLM_PDC
#if $NTLM_BDC
  kdc = $NTLM_BDC
#end if
 }
within /etc/krb5.conf.tmpl

an example krb.conf file is here:
http://web.mit.edu/kerberos/krb5-1.5/krb5-1.5.1/doc/krb5-admin/Sample-krb5.conf-File.html#Sample%20krb5.conf%20File [^]
(0000673)
peter-endian   
2007-11-29 00:18   
both, entry in smb.conf and krb5.cong works, it's basically tested
the #if is untested and is maybe not accurate
(0000681)
simon-endian   
2007-12-03 16:32   
added BDC to password server in smb.conf.tmpl