notes on HOWTO-Collection
Paul Kölle
pkoelle at gmail.com
Thu May 26 07:30:30 GMT 2005
Ignacio Coupeau wrote:
>
>> Problems I see with the current version:
>>
>> After the first sentence, it jumps into LDAP without introducing why
>> LDAP at all (replication). It points out that when using a slave LDAP
>> server, clients *may* still be able to logon. So are they? AFAIK if
>> Samba needs to write to the SAM during logon it will fail since the
>> slave will return a referral to the master and boom! (unless there is
>> some background magic samba does to cache updates). Then a slave is just
>> loadbalancing, not redundancy. This is actually stated at the end of the
>> paragraph but "if the slave find it's master down at the wrong time you
>> will have stability and operational problems" doesn't sound very
>> promising and not stating what those problems might be makes it even
>> worse. How is one supposed to read "clients may still be able to logon",
>> after that sentence? And the reader has probably no clear understanding
>> about LDAP replication. Later on the text is interspersed with comments
>> about the (impossible) interop of Samba and NT4 PDCs/BDCs which I think
>> should all go into the "Features and Benefits". A see "Features and
>> Benefits" section as "this is what you (don't) get" if one finds a
>> showstopper here one would probably don't read further which saves a lot
>> of time ;)
>
>
> Paul,
> our experience at my site is that the referrals are very well followed
> by samba, and if the master is down
Ok, that was poorly written, of course samba manages referrals.
(of course, you may use multimaster
> in several LDAP implementations) some write operations are blocked, but
> the client manages it pretty well: the worst situation may be the
> user-change-passwd or the workstation's ntpassword re-negotiation, but
> if the change fails (ie. ldap master is down), the client don't crash at
> all nor the ws is removed from the domain, simply the attributes are not
> changed at this time.
So this should probably go into the docs, one question remains though.
Do logons work when the master is down?
greetings
Paul
More information about the samba-technical
mailing list