[Samba] samba4 servers with one "master" sam.ldb

Andrew Bartlett abartlet at samba.org
Sun Oct 17 15:15:56 MDT 2010 

On Sun, 2010-10-17 at 22:59 +0200, Michael Wood wrote:
> 2010/10/17 Magnus Benngård <magnus.b at inputinterior.se>:
> >
> > Hi all!
> >
> > First of all i would like to say that i am not a Samba4 guru so my question
> > may be "stupid". I have 2 Samba4 servers up and runnning:
> >
> > Server 1:
> >  netbios name = PDC
> >  workgroup = GBG
> >  realm = GBG.INPUTINTERIOR.SE
> >  server role = domain controller
> >
> > Server 2:
> >  netbios name = PDC
> >  workgroup = MLM
> >  realm = MLM.INPUTINTERIOR.SE
> >  server role = domain controller
> >
> > Here comes my question, can I in some way modify Server 2, so it fetches
> > the user accounts from Server 1? I do want to keep different workgroups.
> >
> > For example, I create a user "mabe" on server 1, within some minute or so I
> > would like that user to be on server 2 to, and if "mabe" changes the
> > password on server 2, it should be replicated to server 1.
> >
> > Any advice plz and again sorry if my question is stupid.
> 
> I have copied my reply to samba-technical.
> 
> Of course if you had the same realm for both (and just created the
> second one by vampiring from the first one) then the replication of
> users would just work.  I don't know if it's possible the way you want
> to do it.

Thanks Michael,

You are quite correct:  The workgroup for all Samba servers in a domian
must be the same, just as the realm must be the same.  If they are not,
then they are not in the same domain, and no replication should be
expected. 

Magnus,

You are of course free to try and set up whatever manual processes you
wish to operating on the separate sam.ldb databases, but I would suggest
that it will be a lot of work and very difficult to get completely
correct. 

Andrew Bartlett

-- 
Andrew Bartlett                                http://samba.org/~abartlet/
Authentication Developer, Samba Team           http://samba.org
Samba Developer, Cisco Inc.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 190 bytes
Desc: This is a digitally signed message part
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20101018/2cd1502b/attachment.pgp>

More information about the samba-technical mailing list