[Samba] Need help setting up a Samba 3.x Backup Domain Controller
with LDAP
Travis L. Bean
maillists at biologicaqua.com
Thu Nov 6 19:17:41 GMT 2003
I would like to know the options I need in my smb.conf to have for
setting up a Samba 3.x Backup Domain Controller when using LDAP. What I
am confused about is reference made in the smb.conf man page to "idmap".
From the man page and Samba how-to documentation, I understand this
"idmap" reference to only be used for member servers and backup domain
controllers that don't have their own "passdb"? So when you setup the
reference in the Backup Domain Controllers smb.conf do you only include
the following reference to "idmap" and leave out the reference to
"passdb backend=ldapsam"? Something like this?:
idmap backend = ldap:ldap://bdc-srv.domain.com
idmap gid = 10000-20000
idmap uid = 10000-20000
ldap idmap suffix = ou=idmap,dc=domain,dc=com
and use something like this for the primary domain controller??:
ldap suffix = dc=domain,dc=com
passdb backend = ldapsam:ldap//pdc-srv.domain.com
ldapsam:ldap//bdc-srv.domain.com
Note: ("passdb backend" reference to pdc-srv & bdc-srv is all on the
same line).
Also, in the backup domain controller's smb.conf I assume I set "local
master", "domain master" and "preferred master" all to "no", etc, etc.
Basically I would like to get some feedback from someone who has been
successful in getting a Samba 3.x PDC and BDC working together with
LDAP. I am trying to setup my server configuration to support
"hot-failover" and would like to allow my clients to login to access
their documents on the Samba BDC if the PDC fails for whatever reason
(the PDC and BDC are going to be setup for real-time mirroring).
Please submit the differences between a working PDC smb.conf and BDC
smb.conf. The Samba 3.x "how-to" documentation is lacking as far as
explaining this and needs better examples for what is needed to setup a
PDC/BDC Samba/LDAP configuration.
More information about the samba
mailing list