redundant load balancing and mschap

[alan buxey]

Hi,

>    Authentication *works*, but all authentications go to the same DC (the one
>    specified in "mschap2").  Running "radiusd -X" shows that all mschap1/2/3
>    instances are being called, and no authentication *attempts* are being
>    sent to the other two domain controllers.  (1 and 3 aren't failing.  They
>    just aren't *tried*.)

i would advise to increase debuggin in smbd/winbindd and for ntlm_auth

also check your samba and kerberos configs to see how you are querying
the KDC - are you specifying particular names?  It could be that
your client did a DNS lookup, cached that answer and doesnt want to use anything
else - a few entries in /etc/hosts might be in order

alan