ADS support

Aaron E. ssureshot at
Thu Apr 12 08:22:56 MDT 2012

I just wanted to ask again,, Is DNS replicated now? If not then I assume 
that a secondary DC would not work properly if the primary goes down due 
to DNS not working.

On 04/11/2012 01:21 PM, Aaron E. wrote:
> I had looked at this PDC and BDC setup but my understanding is that DNS
> isn't replicated or wasn't at the time to the bdc so I chose to use just
> the primary with backup scripts that replicate the ldb's and extract
> them to the backup servers..
> If the replication for DNS is working I would be happy to revisit my
> strategy..
> On 04/11/2012 01:04 PM, Pavel Herrmann wrote:
>> Hi
>> On Wednesday 11 of April 2012 12:48:11 Aaron Endo wrote:
>>> This is the top level build..
>>> Here is my situation -- I'm running a cluster of 4 servers with samba4
>>> running on 1 primary server.. If failure it will failover to 2 ect..
>> AFAIK samba4 should not be used in failover clusters with heartbeat or
>> similar
>> clustering technology. instead, you should use AD multi-master
>> operation, in
>> which the servers are running in parallel, and clients choose one
>> based on
>> their distance (in this setup, clients would choose one at random).
>> when one server fails the domain contines to operate normally, with the
>> exception of FSMO roles (which can be held by only one server at a
>> time, in
>> case of complete failure they can be transferred forcibly, but in normal
>> operation you need both the original and target node to cooperate in FSMO
>> transfer).
>> the most visible FSMO is PDC emulator, which does authoritative
>> authentication
>> (any auth rejected by non-PDC node is forwarded to PDC node before
>> sending
>> reject to client), password changes and time sync. other FSMOs are
>> used only
>> when adding objects (accounts, computers) to the domain
>> cheers
>> Pavel Herrmann

More information about the samba-technical mailing list