PDC acceptance criteria

Simo Sorce simo.sorce at polimi.it
Wed Oct 4 09:54:38 GMT 2000 

Jason Haar wrote:
> 
> On Tue, Oct 03, 2000 at 05:20:45PM -0500, Steve Langasek wrote:
> > On Tue, 3 Oct 2000, Gerald Carter wrote:
> > > Let me rephrase that then...Is PDC<->BDC integration with
> > > NT server required?  Or can people just say this is a
> > > Samba domain.  It is a trivial thing to replicate a smbpasswd
> > > among servers.  Once LDAP support is in place, we can
> > > just point all samba servers in a domain to that.
> >
> > It is trivial to replicate the smbpasswd file between servers; but what tools
> > are you going to ship with Samba to facilitate this?  Samba has been ported to
> > such a wide range of platforms that the only guarantee you have about your
> > server's facilities is that it supports SMB. :)  That being the case, it seems
> > to me that the easiest failover method to implement would be the one that
> > already uses SMB, namely the NT PDC->BDC replication mechanism.  The
> 
> I diagree. I'd say that if you're using Samba as your PDC, then you are
> using Samba for your BDCs (i.e you do not want NT for your DC's). As such
> you should use standard tools to replicate smbpasswd - and I believe they do
> exist - they're called NIS (yuck!) and rdist/rsync. I'd use the latter (over
> ssh of course) to provide a Unix-specific solutions that is BETTER THAN that
> provided by M$...
> 
> For those "wide range of platforms" that don't support such options, well I
> hear FTP works everywhere :-)
> 

No, that's not a solution for many many reasons.
1. Who says that a samba PDC will have samba only BDC?
   A Company that switches from an environment to another may need to
have
   mixed environments, not only because a complete switch may not always
be
   performed immediately, but also because you need to train all your
staff
   and this need time. So having samba as PDC and letting the yet
untrained
   staff to use NT BDCs will be common.
2. NIS is not equal in all platforms and you may not assume all the
samba
   servers will run on the same hw/OS architecture.
3. You may "need" a Microsoft DC for some really "bad" software.

So to avoid incompatibilities between different platforms, to have
stepped
migration paths and permit a _REAL_ integration between *nix and MS
software
you _NEED_ the PDC<->BDC feature.

PDC<->BDC feature is also a key point in migration path as it permits to
port
all the accounts from one server to another without breaking
configuration and
having problems with users profiles and permissions.

Simo.
-- 
Simo Sorce - Integrazione Sistemi Unix/Windows - Politecnico di Milano
E-mail: simo.sorce at polimi.it
Tel.int: 02 2399 2425 - Fax.int. 02 2399 2451
-----------------------------------------------------------------
Be happy, use Linux!

More information about the samba-technical mailing list