notes on HOWTO-Collection
Ignacio Coupeau
icoupeau at unav.es
Wed May 25 14:45:25 GMT 2005
> Problems I see with the current version:
>
> After the first sentence, it jumps into LDAP without introducing why
> LDAP at all (replication). It points out that when using a slave LDAP
> server, clients *may* still be able to logon. So are they? AFAIK if
> Samba needs to write to the SAM during logon it will fail since the
> slave will return a referral to the master and boom! (unless there is
> some background magic samba does to cache updates). Then a slave is just
> loadbalancing, not redundancy. This is actually stated at the end of the
> paragraph but "if the slave find it's master down at the wrong time you
> will have stability and operational problems" doesn't sound very
> promising and not stating what those problems might be makes it even
> worse. How is one supposed to read "clients may still be able to logon",
> after that sentence? And the reader has probably no clear understanding
> about LDAP replication. Later on the text is interspersed with comments
> about the (impossible) interop of Samba and NT4 PDCs/BDCs which I think
> should all go into the "Features and Benefits". A see "Features and
> Benefits" section as "this is what you (don't) get" if one finds a
> showstopper here one would probably don't read further which saves a lot
> of time ;)
Paul,
our experience at my site is that the referrals are very well followed
by samba, and if the master is down (of course, you may use multimaster
in several LDAP implementations) some write operations are blocked, but
the client manages it pretty well: the worst situation may be the
user-change-passwd or the workstation's ntpassword re-negotiation, but
if the change fails (ie. ldap master is down), the client don't crash at
all nor the ws is removed from the domain, simply the attributes are not
changed at this time.
--
____________________________________________________
Ignacio Coupeau, Ph.D. icoupeau at unav.es
CTI, Director icoupeau at alumni.unav.es
University of Navarra icoupeau at ieee.org
Pamplona, SPAIN http://www.unav.es/cti/
More information about the samba-technical
mailing list