[Samba] machine accounts and ldap?
tsmailing at tronicplanet.de
Mon May 6 05:00:02 GMT 2002
-----BEGIN PGP SIGNED MESSAGE-----
Dmitry Melekhov wrote:
| Thomas Stegbauer wrote:
|> Dmitry Melekhov wrote:
|> | Hello!
|> | How to add computers into domains if I have several domains and several
|> | ldap servers (one is master, other are slaves), each server on domain
|> | controller?
|> | As I understand samba can't go to master ldap server for doing updates
|> | like adding
|> | accounts or change passwords? :-(
|> in my opinion you have two choices:
|> 1. (if i understand correctly: each samba is a domaincontroller for a
|> own domain?
| Yes, you are right.
|> you make ou's in ldap an let go the samba server to the ou. than each
|> ldapserver is master for the ou.
|> 2. you let access all sambaserver only the master server. and for other
|> things (like pam_ldap or nss_ldap) the localserver.
| Sorry, this is not good decigion.
|> idea to the developer: maybe the eases would to define two ldapserver?
|> one for write and on for search?
|> 3. also an idea, maybe it's already solved? when working with a sasl
|> bind the backup-ldapserver should be able to give a update-reference
|> back, which is saying: stop, please update this leave on that server.
| As I see samba uses simple bind and has no support for sasl bind.
yes this was a choice (if not yet done) to a developer :) also the 2nd
part from choice 2.
| May be there is another decigion?
| For instance, to have parameter for choose master ldap server?
as mentoined in choice 2 :) also for a developer?
# Thomas Stegbauer
# Tronicplanet Datendienst GmbH
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
-----END PGP SIGNATURE-----
More information about the samba