ADS support

Aaron E. ssureshot at gmail.com
Thu Apr 12 08:31:21 MDT 2012


My apologies to the list -- I posted this and continued reading the 
posts and found exactly what I asked being spoken about.. I'm following 
that thread now..

Thank you

On 04/12/2012 10:22 AM, Aaron E. wrote:
> I just wanted to ask again,, Is DNS replicated now? If not then I assume
> that a secondary DC would not work properly if the primary goes down due
> to DNS not working.
>
> On 04/11/2012 01:21 PM, Aaron E. wrote:
>> I had looked at this PDC and BDC setup but my understanding is that DNS
>> isn't replicated or wasn't at the time to the bdc so I chose to use just
>> the primary with backup scripts that replicate the ldb's and extract
>> them to the backup servers..
>>
>> If the replication for DNS is working I would be happy to revisit my
>> strategy..
>>
>> On 04/11/2012 01:04 PM, Pavel Herrmann wrote:
>>> Hi
>>>
>>> On Wednesday 11 of April 2012 12:48:11 Aaron Endo wrote:
>>>> This is the top level build..
>>>>
>>>> Here is my situation -- I'm running a cluster of 4 servers with samba4
>>>> running on 1 primary server.. If failure it will failover to 2 ect..
>>>
>>> AFAIK samba4 should not be used in failover clusters with heartbeat or
>>> similar
>>> clustering technology. instead, you should use AD multi-master
>>> operation, in
>>> which the servers are running in parallel, and clients choose one
>>> based on
>>> their distance (in this setup, clients would choose one at random).
>>>
>>> when one server fails the domain contines to operate normally, with the
>>> exception of FSMO roles (which can be held by only one server at a
>>> time, in
>>> case of complete failure they can be transferred forcibly, but in normal
>>> operation you need both the original and target node to cooperate in
>>> FSMO
>>> transfer).
>>>
>>> the most visible FSMO is PDC emulator, which does authoritative
>>> authentication
>>> (any auth rejected by non-PDC node is forwarded to PDC node before
>>> sending
>>> reject to client), password changes and time sync. other FSMOs are
>>> used only
>>> when adding objects (accounts, computers) to the domain
>>>
>>>
>>> cheers
>>> Pavel Herrmann
>>>
>>
>>
>>
>
>
>




More information about the samba-technical mailing list