AD as a backup DC to a Samba4 PDC?

Andrew Bartlett abartlet at
Tue Nov 1 12:40:14 MDT 2011

On Tue, 2011-11-01 at 12:08 -0400, Charles Tryon wrote:
> I've been doing some digging for this but haven't found an answer yet.  Is
> it possible to set up an actual Microsoft AD controller as a BDC to a
> Samba4 PDC?
> The reason for asking is that I am working on setting up Samba4 as our PDC,
> but I would like to show that it would be possible, if absolutely
> necessary, to move the domain to an actual Windows platform.  It's one of
> those "warm fuzzies" that Microsoft-centric bosses like to have when you're
> proposing a non-Microsoft solution on their network. :-P

Yes, one of the key advantages to a Samba4 domain over our previous
domain technologies is that we have full support for bidirectional
replication of the AD database with Windows.  As is mentioned, sysvol
replication is not fully implemented yet (but FRS is being worked on for
this purpose).  Also, you will want to use bind9_dlz or Kai's upcoming
DNS server (when it supports updates, which should be soon) so that the
DNS information is in the replicated directory.

I understand Samba4 has even been used as a migration tool, allowing the
migration of a domain that has started at Samba3 and needed to run
Microsoft's AD.

The big thing we don't have is multi-domain in a forest support.  We
have many of the parts, and know how we could promote a Samba3 domain
into an existing AD forest, but we can't do it quite yet.

Andrew Bartlett

Andrew Bartlett                      
Authentication Developer, Samba Team 

More information about the samba-technical mailing list