Samba 3.0 / idmap backend ldap

Simo Sorce simo.sorce at
Thu Nov 20 09:49:25 GMT 2003

On Wed, 2003-11-19 at 19:54, Leandro Ariel Gomez Chavarria wrote:
> I thought that open ldap can synchronize on both ways, isn't it true?

You have to configure your ldap master with slurpd and the slave with a
referral to the master.
Doing 2 ways replication in theory is possible, but need much care and
have the isde effect of being prone to unresolvable conflicts, in a
word: don't try that in production. 

> Be sides, once winbindd bind his connection to one ldap server; it stay
> there? I mean if I have 2 ldap servers (master and slave) and a fqdn in
> my dns for both servers (for example in my case ldap.sys.arg means the 2
> differents ip's) shouldn't be able to balance the requests between
> them?

Winbind try to cache the ldap connection in some circumstances afaik, so
once it has been connected it stays here. Again this "load ballancing
would be problematic".

Ah and you should really use your primary server if at all possbile,
using a secondary is possible, but then remember that changes are not
synced immediately, there may be a few seconds delay, so a read after
write may sometimes fail (I have a setup made that way and have adapted
creation scripts to cope with delays in propagation of modifications).

