FW: Re: Samba4 provision-backend
horst schibullek
hotte.schibullek at web.de
Tue Apr 1 07:49:22 GMT 2008
> -----Ursprüngliche Nachricht-----
> Von: "Andrew Bartlett" <abartlet at samba.org>
> Gesendet: 01.04.08 01:57:05
> An: horst schibullek <hotte.schibullek at web.de>
> CC: samba-technical at lists.samba.org
> Betreff: Re: FW: Re: Samba4 provision-backend
>
>
> On Sat, 2008-03-29 at 21:15 +0100, horst schibullek wrote:
> > > -----Ursprüngliche Nachricht-----
> > > Von: "horst schibullek" <hotte.schibullek at web.de>
> > > Gesendet: 29.03.08 13:43:23
> > > An: "Andrew Bartlett" <abartlet at samba.org>
> > > Betreff: Re: Samba4 provision-backend
> >
> > >
> > >
> > > > -----Ursprüngliche Nachricht-----
> > > > Von: "Andrew Bartlett" <abartlet at samba.org>
> > > > Gesendet: 28.03.08 23:34:48
> > > > An: horst schibullek <hotte.schibullek at web.de>
> > > > CC: samba-technical at lists.samba.org
> > > > Betreff: Re: Samba4 provision-backend
> > >
> > >
> > > >
> > > >
> > > > On Thu, 2008-03-27 at 14:54 +0100, horst schibullek wrote:
> > > > > Samba4 SVN 26701:
> > > >
> > > > Firstly, Samba4 is now in GIT, the version in SVN is quite old. What
> > > > made you pull from SVN? (I may need to update a few web pages).
> > >
> > > o.k., got it. took the info from samba-wiki, where both variants (svn and git) are
> > > listed as ok.
> > > >
> > > > I think the issues with the provision-backend script have been fixed
> > > > since then (and rewritten in python).
> > >
> > > ok, good to hear.
> > >
> > > another issue:
> > > i had setup 2 samba4-dc's in the same domain, working fine together
> > > with openldap-backend (ol 2.4.8) in multi-master-replication,
> > > (using ldap://<fqhn>:9000/ instead of ldapi)
> > >
> > > tested both variants to get a redundant copy, first procedure: quick and dirty
> > > in old slurpd-style (copying the bdb-files and transaction-logs from
> > > dc1 to dc2; second procedure: with empty db on dc2 and
> > > syncrepl initial content load for all contexts, all ok.
>
> Great!
thanks. makes fun to test it... great job done with samba4
>
> > > all replication stuff is working fine in both directions, but when i try to
> > > reproduce your demonstration from sambaxp 2007
> > > (samab4-multi-master with Fedora DS backend)
> > > an kick off one DC, the domain isnt available any
> > > more for join operations and administering etc.
>
> Interesting. I've not attempted to reproduce that demonstration since
> SambaXP.
>
> > > looks like the key (in the words meaning) hangs in
> > > the secrets.keytab, which is different on both dc.
> > > is there a way to get it synchronized?
> > > (tried net samdump keytab etc., but seems not to work,
> > > tried also to manipulate the keytab with heimdal-tools,
> > > but did'nt work either)
>
> The second server needs to join the domain (as a DC, but talking to the
> first server). That should establish the keytabs etc.
>
>
i joined the domain with the second server, and after that i
created the needed ldif entry (Cn=NTDS...), everything
completely ok to this point.
other ideas?
if not, i maybe try it once again and post the smbd-debug messages,
but i know, they've been krb-ticket-related.
>Andrew Bartlett
>
> --
> Andrew Bartlett
> http://samba.org/~abartlet/
> Authentication Developer, Samba Team http://samba.org
> Samba Developer, Red Hat Inc.
>
>
_______________________________________________________________
Schon gehört? Der neue WEB.DE MultiMessenger kann`s mit allen:
http://www.produkte.web.de/messenger/?did=3016
More information about the samba-technical
mailing list