Should we keep the Samba4 LDAP backend?

TAKAHASHI Motonobu monyo at
Sat Apr 2 21:39:44 MDT 2011

From: Kai Blin <kai at>
Date: Sat, 02 Apr 2011 22:16:40 +0200

> On 2011-04-02 14:19, Oliver Liebel wrote:
> Hi Oliver,
> > Thats not what i said.
> > Theres nothing wrong or unwanted between ADS - S4 sync.
> Ok, so here's what caused my confusion. I don't make a distinction
> between ADS and S4. To me, S4 is ADS. So naturally if you run a S4 DC,
> that will sync with other AD DCs. But I don't consider S4 a special case.

To take "syncing between ADS and S4/OL" for example caused confusion.
Take "syncing between ADS and enterprise LDAP (or OpenLDAP)" instead.

> > The LDAP Backend _is_ the relevant Part. Many Enterprise-sized Companys
> > have OL already implemented as
> > Single Point of Administration, mostly high customized.


> > They dont want to change their
> > complete LDAP-Backend Infrastructure,


> >  in most cases they just want to
> > have a kind of working Sync
> > between their ADS and OL (or S4/OL).

I agree that they want between **ADS and OL**, not between ADS and
S4/OL. For the matter between ADS and S4/OL, I agreed with Kai.

Now many administrators are worrying how to replicate user
informations (already) stored in enterprise master LDAP to Active
Directory. It's not a simple task.

Shortly I think "no" to the original question. we do not keep the
Samba4 LDAP backend, but as Oliver said, a DirSync-based
"Single-Shot"/ Master-Slave - Replication Mech could be a Solution for
many Companys. That can be an advantage over Windows.

TAKAHASHI Motonobu <monyo at>

More information about the samba-technical mailing list