[Samba] Hot-failover between a Samba 3.x.x PDC and BDC with LDAP backend

[Travis L. Bean]

I would like to know how to achieve a "hot-failover" setup between a Samba
3.x.x primary domain controller and backup domain controller with a LDAP
backend.  I was under the impression that all I need to specify is something
like the following in my smb.conf:

 

passdb backend = ldapsam:"ldap://pdc-srv.domain.org
ldap://bdc-srv.domain.org"

 

I have set this passdb backend reference in both my PDC's and BDC's
smb.conf.  I have used "net rpc getsid" on the BDC to obtain the domain SID
from the PDC.  If I create a testuser on the PDC, I am able to login with
this user on the BDC (ssh testuser at bdc-srv), so I know my LDAP master/slave
replication is working correctly.  I have rsynced my /home directory and
user's profile information on the PDC to the BDC (After I get this
"hot-failover" working I am going to have these two servers setup with
real-time mirroring using fam, dnotify, and rsync).  

 

I was under the impression that if I configured my domain controllers in
this fashion that I would be able to login to the PDC (let's say with
"testuser") and if the PDC fails for any reason then the BDC would be
notified of the failure and take over at that point.  Then "testuser" (who
is still logged in) would be able to continue to access their home
directory, but they would now be accessing the mirrored /home directory on
the BDC, and this "hot-failover" would happen seamlessly without the user
having to logoff and log back in.  Is this a possible scenario and if so,
how do I make this happen?