[Samba] 3.0: machine trust accounts & ldap servers
Yura Pismerov
ypismerov at tucows.com
Sun Nov 24 18:36:01 GMT 2002
Dariush Forouher wrote:
>
> Hello,
>
> does 3.0 still need unix accounts for machine trust accounts? This would
> be nice, because AFAIR in LDAP they can be placed into another
> directory. If no, must there be some magic options present in smb.conf?
>
> Another question: Is it possible to give samba 3.0 more than one ldap
> servers to get more redundance? If yes, works this with 2.2 too?
Have you ever thought that Samba needs read/write access to the
directory, not just read only ? In this case, how would you synchronize
multiple LDAP replicas ?
Usually LDAP uses one way replication mechanism. That means you always
do changes (writings) to the master replica, then the changes are being
propagated to other (read-only) replicas. Many LDAP implementations
support referral mechanism, so
writing can be directed to any replica including read-only and they will
be automatically redirected to the master server. So LDAP redundancy has
usually nothing to do with client implementation - it is up to a system
administrator to create proper redundant LDAP farm using either software
solutions (various VRRP implementations), or
real (hardware) load balaning devices.
If you propose built-in redundancy feature for Samba it should imply
read-only operations only. For read-write ones you still need to use
master replica LDAP instance.
So IMHO it does not make much sense at this point.
>
> ciao
> Dariush
> --
> PGP Fingerprint: 0x886C99A1
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: http://lists.samba.org/mailman/listinfo/samba
More information about the samba
mailing list